Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-6581

Published: 07/12/2023 Updated: 11/04/2024
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 0
Subscribe to Dlink

Vulnerability Summary

A vulnerability has been found in D-Link DAR-7000 up to 20231126 and classified as critical. This vulnerability affects unknown code of the file /user/inc/workidajax.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-247162 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Vulnerable Product Search on Vulmon Subscribe to Product

dlink dar-7000_firmware

Vendor Advisories

Check Point Security Alerts: D-Link DAR-7000 SQL Injection (CVE-2023-5322; CVE-2023-6581)
Check Point Reference: CPAI-2023-1474 Date Published: 22 Jan 2024 Severity: Critical ...

References

CWE-89https://vuldb.com/?id.247162https://vuldb.com/?ctiid.247162https://github.com/flyyue2001/cve/blob/main/D-LINK%20-DAR-7000_sql_workidajax.mdhttps://nvd.nist.govhttps://advisories.checkpoint.com/defense/advisories/public/2024/cpai-2023-1474.html
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925CVE-2023-41826LFICVE-2022-22364CVE-2024-2887command injectionremote code executionCVE-2024-34446CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook