Search

Find a vulnerability

Search criteria

    26 vulnerabilities found for di-7300g\+_firmware by dlink

    CVE-2025-6899 (GCVE-0-2025-6899)

    Vulnerability from nvd – Published: 2025-06-30 08:32 – Updated: 2025-06-30 17:34
    VLAI
    Title
    D-Link DI-7300G+/DI-8200G msp_info.htm os command injection
    Summary
    A vulnerability, which was classified as critical, was found in D-Link DI-7300G+ and DI-8200G 17.12.20A1/19.12.25A1. This affects an unknown part of the file msp_info.htm. The manipulation of the argument flag/cmd/iface leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.314391 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.314391 signaturepermissions-required
    https://vuldb.com/?submit.604444 third-party-advisory
    https://github.com/2664521593/mycve/blob/main/D-L… exploit
    https://www.dlink.com/ product
    Impacted products
    Vendor Product Version
    D-Link DI-7300G+ Affected: 17.12.20A1
    Affected: 19.12.25A1
    Create a notification for this product.
    D-Link DI-8200G Affected: 17.12.20A1
    Affected: 19.12.25A1
    Create a notification for this product.
    Credits
    shiny (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-6899",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-30T17:32:01.074018Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-30T17:34:29.901Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DI-7300G+",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "17.12.20A1"
                },
                {
                  "status": "affected",
                  "version": "19.12.25A1"
                }
              ]
            },
            {
              "product": "DI-8200G",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "17.12.20A1"
                },
                {
                  "status": "affected",
                  "version": "19.12.25A1"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "shiny (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability, which was classified as critical, was found in D-Link DI-7300G+ and DI-8200G 17.12.20A1/19.12.25A1. This affects an unknown part of the file msp_info.htm. The manipulation of the argument flag/cmd/iface leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
            },
            {
              "lang": "de",
              "value": "Es wurde eine kritische Schwachstelle in D-Link DI-7300G+ and DI-8200G 17.12.20A1/19.12.25A1 gefunden. Hiervon betroffen ist ein unbekannter Codeblock der Datei msp_info.htm. Dank der Manipulation des Arguments flag/cmd/iface mit unbekannten Daten kann eine os command injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.5,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "OS Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-30T08:32:05.999Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-314391 | D-Link DI-7300G+/DI-8200G msp_info.htm os command injection",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.314391"
            },
            {
              "name": "VDB-314391 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.314391"
            },
            {
              "name": "Submit #604444 | D-Link D-Link DI-7300G+\u3001D-Link DI-8200G DI-7300G+ V19.12.25A1\u3001DI_8200G-17.12.20A1 OS Command Injection",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.604444"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/2664521593/mycve/blob/main/D-Link_DI/CJ_IN_DLink_4_en.pdf"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://www.dlink.com/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-06-29T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2025-06-29T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2025-06-29T14:01:20.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "D-Link DI-7300G+/DI-8200G msp_info.htm os command injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2025-6899",
        "datePublished": "2025-06-30T08:32:05.999Z",
        "dateReserved": "2025-06-29T11:56:11.016Z",
        "dateUpdated": "2025-06-30T17:34:29.901Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-6898 (GCVE-0-2025-6898)

    Vulnerability from nvd – Published: 2025-06-30 08:02 – Updated: 2025-06-30 17:47
    VLAI
    Title
    D-Link DI-7300G+ in proxy_client.asp os command injection
    Summary
    A vulnerability, which was classified as critical, has been found in D-Link DI-7300G+ 19.12.25A1. Affected by this issue is some unknown functionality of the file in proxy_client.asp. The manipulation of the argument proxy_srv/proxy_lanport/proxy_lanip/proxy_srvport leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.314390 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.314390 signaturepermissions-required
    https://vuldb.com/?submit.604443 third-party-advisory
    https://github.com/2664521593/mycve/blob/main/D-L… exploit
    https://www.dlink.com/ product
    Impacted products
    Vendor Product Version
    D-Link DI-7300G+ Affected: 19.12.25A1
    Create a notification for this product.
    Credits
    shiny (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-6898",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-30T17:46:01.070918Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-30T17:47:48.976Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DI-7300G+",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "19.12.25A1"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "shiny (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability, which was classified as critical, has been found in D-Link DI-7300G+ 19.12.25A1. Affected by this issue is some unknown functionality of the file in\u00a0proxy_client.asp. The manipulation of the argument proxy_srv/proxy_lanport/proxy_lanip/proxy_srvport leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
            },
            {
              "lang": "de",
              "value": "Eine kritische Schwachstelle wurde in D-Link DI-7300G+ 19.12.25A1 entdeckt. Davon betroffen ist unbekannter Code der Datei in\u00a0proxy_client.asp. Durch Beeinflussen des Arguments proxy_srv/proxy_lanport/proxy_lanip/proxy_srvport mit unbekannten Daten kann eine os command injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.5,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "OS Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-30T08:02:06.036Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-314390 | D-Link DI-7300G+ in\u00a0proxy_client.asp os command injection",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.314390"
            },
            {
              "name": "VDB-314390 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.314390"
            },
            {
              "name": "Submit #604443 | D-Link D-Link DI-7300G+ DI-7300G+ V19.12.25A1 OS Command Injection",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.604443"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/2664521593/mycve/blob/main/D-Link_DI/CJ_IN_DLink_3_en.pdf"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://www.dlink.com/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-06-29T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2025-06-29T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2025-06-29T14:01:19.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "D-Link DI-7300G+ in\u00a0proxy_client.asp os command injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2025-6898",
        "datePublished": "2025-06-30T08:02:06.036Z",
        "dateReserved": "2025-06-29T11:56:07.340Z",
        "dateUpdated": "2025-06-30T17:47:48.976Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-6897 (GCVE-0-2025-6897)

    Vulnerability from nvd – Published: 2025-06-30 07:32 – Updated: 2025-06-30 15:24
    VLAI
    Title
    D-Link DI-7300G+ httpd_debug.asp os command injection
    Summary
    A vulnerability classified as critical was found in D-Link DI-7300G+ 19.12.25A1. Affected by this vulnerability is an unknown functionality of the file httpd_debug.asp. The manipulation of the argument Time leads to os command injection. The exploit has been disclosed to the public and may be used.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.314389 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.314389 signaturepermissions-required
    https://vuldb.com/?submit.604442 third-party-advisory
    https://github.com/2664521593/mycve/blob/main/D-L… exploit
    https://www.dlink.com/ product
    Impacted products
    Vendor Product Version
    D-Link DI-7300G+ Affected: 19.12.25A1
    Create a notification for this product.
    Credits
    shiny (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-6897",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-30T15:24:06.405144Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-30T15:24:09.757Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://github.com/2664521593/mycve/blob/main/D-Link_DI/CJ_IN_DLink_2_en.pdf"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DI-7300G+",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "19.12.25A1"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "shiny (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability classified as critical was found in D-Link DI-7300G+ 19.12.25A1. Affected by this vulnerability is an unknown functionality of the file httpd_debug.asp. The manipulation of the argument Time leads to os command injection. The exploit has been disclosed to the public and may be used."
            },
            {
              "lang": "de",
              "value": "In D-Link DI-7300G+ 19.12.25A1 wurde eine kritische Schwachstelle entdeckt. Hierbei betrifft es unbekannten Programmcode der Datei httpd_debug.asp. Durch das Beeinflussen des Arguments Time mit unbekannten Daten kann eine os command injection-Schwachstelle ausgenutzt werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 5.2,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "OS Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-30T07:32:05.975Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-314389 | D-Link DI-7300G+ httpd_debug.asp os command injection",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.314389"
            },
            {
              "name": "VDB-314389 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.314389"
            },
            {
              "name": "Submit #604442 | D-Link D-Link DI-7300G+ DI-7300G+ V19.12.25A1 OS Command Injection",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.604442"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/2664521593/mycve/blob/main/D-Link_DI/CJ_IN_DLink_2_en.pdf"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://www.dlink.com/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-06-29T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2025-06-29T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2025-06-29T14:01:17.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "D-Link DI-7300G+ httpd_debug.asp os command injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2025-6897",
        "datePublished": "2025-06-30T07:32:05.975Z",
        "dateReserved": "2025-06-29T11:55:59.822Z",
        "dateUpdated": "2025-06-30T15:24:09.757Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-6896 (GCVE-0-2025-6896)

    Vulnerability from nvd – Published: 2025-06-30 07:02 – Updated: 2025-06-30 18:00
    VLAI
    Title
    D-Link DI-7300G+ wget_test.asp os command injection
    Summary
    A vulnerability classified as critical has been found in D-Link DI-7300G+ 19.12.25A1. Affected is an unknown function of the file wget_test.asp. The manipulation of the argument url leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.314388 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.314388 signaturepermissions-required
    https://vuldb.com/?submit.604441 third-party-advisory
    https://github.com/2664521593/mycve/blob/main/D-L… exploit
    https://www.dlink.com/ product
    Impacted products
    Vendor Product Version
    D-Link DI-7300G+ Affected: 19.12.25A1
    Create a notification for this product.
    Credits
    shiny (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-6896",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-30T18:00:08.285490Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-30T18:00:17.539Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DI-7300G+",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "19.12.25A1"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "shiny (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability classified as critical has been found in D-Link DI-7300G+ 19.12.25A1. Affected is an unknown function of the file wget_test.asp. The manipulation of the argument url leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
            },
            {
              "lang": "de",
              "value": "Es wurde eine kritische Schwachstelle in D-Link DI-7300G+ 19.12.25A1 entdeckt. Dabei betrifft es einen unbekannter Codeteil der Datei wget_test.asp. Durch Manipulieren des Arguments url mit unbekannten Daten kann eine os command injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.5,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "OS Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-30T07:02:05.641Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-314388 | D-Link DI-7300G+ wget_test.asp os command injection",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.314388"
            },
            {
              "name": "VDB-314388 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.314388"
            },
            {
              "name": "Submit #604441 | D-Link D-Link DI-7300G+ DI-7300G+ V19.12.25A1 OS Command Injection",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.604441"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/2664521593/mycve/blob/main/D-Link_DI/CJ_IN_DLink_1_en.pdf"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://www.dlink.com/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-06-29T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2025-06-29T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2025-06-29T14:01:16.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "D-Link DI-7300G+ wget_test.asp os command injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2025-6896",
        "datePublished": "2025-06-30T07:02:05.641Z",
        "dateReserved": "2025-06-29T11:55:52.445Z",
        "dateUpdated": "2025-06-30T18:00:17.539Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-45580 (GCVE-0-2023-45580)

    Vulnerability from nvd – Published: 2023-10-16 00:00 – Updated: 2024-10-16 15:01
    VLAI
    Summary
    Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the wild/mx and other parameters of the ddns.asp function
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T20:21:16.650Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug6.md"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-45580",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-16T17:19:03.398661Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-16T15:01:53.780Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the wild/mx and other parameters of the ddns.asp function"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-19T21:06:46.625Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug6.md"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-45580",
        "datePublished": "2023-10-16T00:00:00.000Z",
        "dateReserved": "2023-10-09T00:00:00.000Z",
        "dateUpdated": "2024-10-16T15:01:53.780Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-45579 (GCVE-0-2023-45579)

    Vulnerability from nvd – Published: 2023-10-16 00:00 – Updated: 2024-09-18 13:55
    VLAI
    Summary
    Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the ip/type parameter of the jingx.asp function.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    Assigner
    Impacted products
    Vendor Product Version
    d-link di-7003gv2.d1 Affected: 0 , < 23.08.25D1 (custom)
        cpe:2.3:h:d-link:di-7003gv2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-700g_plus_v2.d1 Affected: 0 , < 23.08.23D1 (custom)
        cpe:2.3:h:d-link:di-700g_plus_v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7100g.v2.d1 Affected: 23.08.23D1,
        cpe:2.3:h:d-link:di-7100g.v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7200g_plus_v2.d1 Affected: 0 , < 23.08.23D1, (custom)
        cpe:2.3:h:d-link:di-7200g_plus_v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7200gv2.e1 Affected: 0 , < 23.08.23E1 (custom)
        cpe:2.3:h:d-link:di-7200gv2.e1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7300g_plus_v2.d1 Affected: 23.08.23D1
        cpe:2.3:h:d-link:di-7300g_plus_v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7400g_plus_v2.d1 Affected: 0 , < 23.08.23D1 (custom)
        cpe:2.3:h:d-link:di-7400g_plus_v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T20:21:16.625Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug8.md"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7003gv2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7003gv2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThan": "23.08.25D1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-700g_plus_v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-700g_plus_v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThan": "23.08.23D1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7100g.v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7100g.v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "status": "affected",
                    "version": "23.08.23D1,"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7200g_plus_v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7200g_plus_v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThan": "23.08.23D1,",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7200gv2.e1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7200gv2.e1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThan": "23.08.23E1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7300g_plus_v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7300g_plus_v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "status": "affected",
                    "version": "23.08.23D1"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7400g_plus_v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7400g_plus_v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThan": "23.08.23D1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-45579",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-18T13:23:37.447332Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-18T13:55:41.402Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the ip/type parameter of the jingx.asp function."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-18T19:34:20.604Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug8.md"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-45579",
        "datePublished": "2023-10-16T00:00:00.000Z",
        "dateReserved": "2023-10-09T00:00:00.000Z",
        "dateUpdated": "2024-09-18T13:55:41.402Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-45578 (GCVE-0-2023-45578)

    Vulnerability from nvd – Published: 2023-10-16 00:00 – Updated: 2024-09-18 14:16
    VLAI
    Summary
    Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the pap_en/chap_en parameter of the pppoe_base.asp function.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    Assigner
    Impacted products
    Vendor Product Version
    d-link di-7003gv2.d1 Affected: 0 , ≤ 23.08.25d1 (custom)
        cpe:2.3:h:d-link:di-7003gv2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7100g.v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7100g.v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7100gv2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:a:d-link:di-7100gv2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7200g_plus_v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:a:d-link:di-7200g_plus_v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7200gv2.e1 Affected: 0 , ≤ 23.08.23e1 (custom)
        cpe:2.3:a:d-link:di-7200gv2.e1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7300g_plus_v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:a:d-link:di-7300g_plus_v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7400g_plus_v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7400g_plus_v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T20:21:16.497Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug4.md"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7003gv2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7003gv2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.25d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7100g.v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7100g.v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:d-link:di-7100gv2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7100gv2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:d-link:di-7200g_plus_v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7200g_plus_v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:d-link:di-7200gv2.e1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7200gv2.e1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23e1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:d-link:di-7300g_plus_v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7300g_plus_v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7400g_plus_v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7400g_plus_v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-45578",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-18T14:10:47.032855Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-18T14:16:25.708Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the pap_en/chap_en parameter of the pppoe_base.asp function."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-18T19:22:48.996Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug4.md"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-45578",
        "datePublished": "2023-10-16T00:00:00.000Z",
        "dateReserved": "2023-10-09T00:00:00.000Z",
        "dateUpdated": "2024-09-18T14:16:25.708Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-45577 (GCVE-0-2023-45577)

    Vulnerability from nvd – Published: 2023-10-16 00:00 – Updated: 2024-09-18 16:10
    VLAI
    Summary
    Stack Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the wanid parameter of the H5/speedlimit.data function.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    Assigner
    Impacted products
    Vendor Product Version
    d-link di-7003gv2.d1 Affected: 0 , ≤ v.23.08.25d1 (custom)
        cpe:2.3:o:d-link:di-7003gv2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7200g_plus_v2.d1 Affected: 0 , ≤ v.23.08.23d1 (custom)
        cpe:2.3:a:d-link:di-7200g_plus_v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7100gv2.d1 Affected: 0 , ≤ v.23.08.23d1 (custom)
        cpe:2.3:a:d-link:di-7100gv2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7200gv2.e1 Affected: 0 , ≤ v.23.08.23e1 (custom)
        cpe:2.3:h:d-link:di-7200gv2.e1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7300g_plus_v2.d1 Affected: 0 , ≤ v.23.08.23d1 (custom)
        cpe:2.3:a:d-link:di-7300g_plus_v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7400g_plus_v2.d1 Affected: 0 , ≤ v.23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7400g_plus_v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T20:21:16.742Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug9.md"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:d-link:di-7003gv2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7003gv2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "v.23.08.25d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:d-link:di-7200g_plus_v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7200g_plus_v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "v.23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:d-link:di-7100gv2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7100gv2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "v.23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:d-link:di-7200g_plus_v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7200g_plus_v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "v.23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7200gv2.e1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7200gv2.e1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "v.23.08.23e1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:d-link:di-7300g_plus_v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7300g_plus_v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "v.23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7400g_plus_v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7400g_plus_v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "v.23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-45577",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-18T16:05:14.060563Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-18T16:10:57.416Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the wanid parameter of the H5/speedlimit.data function."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-18T18:53:01.094Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug9.md"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-45577",
        "datePublished": "2023-10-16T00:00:00.000Z",
        "dateReserved": "2023-10-09T00:00:00.000Z",
        "dateUpdated": "2024-09-18T16:10:57.416Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-45576 (GCVE-0-2023-45576)

    Vulnerability from nvd – Published: 2023-10-16 00:00 – Updated: 2024-09-17 19:05
    VLAI
    Summary
    Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the remove_ext_proto/remove_ext_port parameter of the upnp_ctrl.asp function.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    Assigner
    Impacted products
    Vendor Product Version
    d-link di-7003gv2.d1 Affected: 0 , ≤ 23.08.25d1 (custom)
        cpe:2.3:o:d-link:di-7003gv2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7200g.v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7200g.v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7100gv2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7100gv2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7200gv2.e1 Affected: 0 , ≤ 23.08.23e1 (custom)
        cpe:2.3:h:d-link:di-7200gv2.e1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7300g.v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7300g.v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7400g.v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7400g.v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T20:21:16.639Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug3.md"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:d-link:di-7003gv2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7003gv2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.25d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7200g.v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7200g.v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7100gv2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7100gv2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7200g.v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7200g.v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7200gv2.e1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7200gv2.e1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23e1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7300g.v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7300g.v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7400g.v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7400g.v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-45576",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-17T18:39:19.511593Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-17T19:05:48.866Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the remove_ext_proto/remove_ext_port parameter of the upnp_ctrl.asp function."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-18T19:03:19.724Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug3.md"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-45576",
        "datePublished": "2023-10-16T00:00:00.000Z",
        "dateReserved": "2023-10-09T00:00:00.000Z",
        "dateUpdated": "2024-09-17T19:05:48.866Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-45575 (GCVE-0-2023-45575)

    Vulnerability from nvd – Published: 2023-10-16 00:00 – Updated: 2024-09-17 19:28
    VLAI
    Summary
    Stack Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the ip parameter of the ip_position.asp function.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    Assigner
    Impacted products
    Vendor Product Version
    d-link di-7003gv2.d1 Affected: 0 , ≤ 23.08.25d1 (custom)
        cpe:2.3:o:d-link:di-7003gv2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7100g.v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7100g.v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7100gv2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7100gv2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7200g.v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7200g.v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7200gv2.e1 Affected: 0 , ≤ 23.08.23e1 (custom)
        cpe:2.3:h:d-link:di-7200gv2.e1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7300g.v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7300g.v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7400g.v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7400g.v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T20:21:16.364Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug5.md"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:d-link:di-7003gv2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7003gv2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.25d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7100g.v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7100g.v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7100gv2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7100gv2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7200g.v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7200g.v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7200gv2.e1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7200gv2.e1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23e1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7300g.v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7300g.v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7400g.v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7400g.v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-45575",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-17T19:22:42.549572Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-17T19:28:16.423Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the ip parameter of the ip_position.asp function."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-18T18:45:00.944Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug5.md"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-45575",
        "datePublished": "2023-10-16T00:00:00.000Z",
        "dateReserved": "2023-10-09T00:00:00.000Z",
        "dateUpdated": "2024-09-17T19:28:16.423Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-45574 (GCVE-0-2023-45574)

    Vulnerability from nvd – Published: 2023-10-16 00:00 – Updated: 2024-09-17 19:35
    VLAI
    Summary
    Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the fn parameter of the file.data function.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    Assigner
    Impacted products
    Vendor Product Version
    d-link di-7003gv2.d1 Affected: 0 , ≤ 23.08.25d1 (custom)
        cpe:2.3:o:d-link:di-7003gv2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7100g.v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7100g.v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7100gv2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7100gv2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7200g.v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7200g.v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7200gv2.e1 Affected: 0 , ≤ 23.08.23e1 (custom)
        cpe:2.3:h:d-link:di-7200gv2.e1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7300g.v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7300g.v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7400g.v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7400g.v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T20:21:16.676Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.dlink.com/en/security-bulletin/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug2.md"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:d-link:di-7003gv2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7003gv2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.25d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7100g.v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7100g.v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7100gv2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7100gv2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7200g.v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7200g.v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7200gv2.e1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7200gv2.e1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23e1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7300g.v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7300g.v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7400g.v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7400g.v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-45574",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-17T19:31:34.936258Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-17T19:35:48.621Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the fn parameter of the file.data function."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-18T19:18:11.333Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://www.dlink.com/en/security-bulletin/"
            },
            {
              "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug2.md"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-45574",
        "datePublished": "2023-10-16T00:00:00.000Z",
        "dateReserved": "2023-10-09T00:00:00.000Z",
        "dateUpdated": "2024-09-17T19:35:48.621Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-45573 (GCVE-0-2023-45573)

    Vulnerability from nvd – Published: 2023-10-16 00:00 – Updated: 2024-09-17 19:39
    VLAI
    Summary
    Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the n parameter of the mrclfile_del.asp function.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    Assigner
    Impacted products
    Vendor Product Version
    d-link di-7003gv2.d1 Affected: 0 , ≤ 23.08.25d1 (custom)
        cpe:2.3:o:d-link:di-7003gv2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7100g.v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7100g.v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7100gv2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7100gv2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7200g.v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7200g.v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7200gv2.e1 Affected: 0 , ≤ 23.08.23e1 (custom)
        cpe:2.3:h:d-link:di-7200gv2.e1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7300g.v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7300g.v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7400g.v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7400g.v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T20:21:16.419Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug7.md"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:d-link:di-7003gv2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7003gv2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.25d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7100g.v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7100g.v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7100gv2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7100gv2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7200g.v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7200g.v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7200gv2.e1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7200gv2.e1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23e1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7300g.v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7300g.v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7400g.v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7400g.v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-45573",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-17T19:36:09.770808Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-17T19:39:42.655Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the n parameter of the mrclfile_del.asp function."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-19T21:01:57.752Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug7.md"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-45573",
        "datePublished": "2023-10-16T00:00:00.000Z",
        "dateReserved": "2023-10-09T00:00:00.000Z",
        "dateUpdated": "2024-09-17T19:39:42.655Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-45572 (GCVE-0-2023-45572)

    Vulnerability from nvd – Published: 2023-10-16 00:00 – Updated: 2024-08-02 20:21
    VLAI
    Summary
    Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the fn parameter of the tgfile.htm function.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T20:21:16.660Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug1.md"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the fn parameter of the tgfile.htm function."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-18T19:11:31.593Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug1.md"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-45572",
        "datePublished": "2023-10-16T00:00:00.000Z",
        "dateReserved": "2023-10-09T00:00:00.000Z",
        "dateUpdated": "2024-08-02T20:21:16.660Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-6899 (GCVE-0-2025-6899)

    Vulnerability from cvelistv5 – Published: 2025-06-30 08:32 – Updated: 2025-06-30 17:34
    VLAI
    Title
    D-Link DI-7300G+/DI-8200G msp_info.htm os command injection
    Summary
    A vulnerability, which was classified as critical, was found in D-Link DI-7300G+ and DI-8200G 17.12.20A1/19.12.25A1. This affects an unknown part of the file msp_info.htm. The manipulation of the argument flag/cmd/iface leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.314391 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.314391 signaturepermissions-required
    https://vuldb.com/?submit.604444 third-party-advisory
    https://github.com/2664521593/mycve/blob/main/D-L… exploit
    https://www.dlink.com/ product
    Impacted products
    Vendor Product Version
    D-Link DI-7300G+ Affected: 17.12.20A1
    Affected: 19.12.25A1
    Create a notification for this product.
    D-Link DI-8200G Affected: 17.12.20A1
    Affected: 19.12.25A1
    Create a notification for this product.
    Credits
    shiny (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-6899",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-30T17:32:01.074018Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-30T17:34:29.901Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DI-7300G+",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "17.12.20A1"
                },
                {
                  "status": "affected",
                  "version": "19.12.25A1"
                }
              ]
            },
            {
              "product": "DI-8200G",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "17.12.20A1"
                },
                {
                  "status": "affected",
                  "version": "19.12.25A1"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "shiny (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability, which was classified as critical, was found in D-Link DI-7300G+ and DI-8200G 17.12.20A1/19.12.25A1. This affects an unknown part of the file msp_info.htm. The manipulation of the argument flag/cmd/iface leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
            },
            {
              "lang": "de",
              "value": "Es wurde eine kritische Schwachstelle in D-Link DI-7300G+ and DI-8200G 17.12.20A1/19.12.25A1 gefunden. Hiervon betroffen ist ein unbekannter Codeblock der Datei msp_info.htm. Dank der Manipulation des Arguments flag/cmd/iface mit unbekannten Daten kann eine os command injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.5,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "OS Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-30T08:32:05.999Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-314391 | D-Link DI-7300G+/DI-8200G msp_info.htm os command injection",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.314391"
            },
            {
              "name": "VDB-314391 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.314391"
            },
            {
              "name": "Submit #604444 | D-Link D-Link DI-7300G+\u3001D-Link DI-8200G DI-7300G+ V19.12.25A1\u3001DI_8200G-17.12.20A1 OS Command Injection",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.604444"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/2664521593/mycve/blob/main/D-Link_DI/CJ_IN_DLink_4_en.pdf"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://www.dlink.com/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-06-29T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2025-06-29T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2025-06-29T14:01:20.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "D-Link DI-7300G+/DI-8200G msp_info.htm os command injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2025-6899",
        "datePublished": "2025-06-30T08:32:05.999Z",
        "dateReserved": "2025-06-29T11:56:11.016Z",
        "dateUpdated": "2025-06-30T17:34:29.901Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-6898 (GCVE-0-2025-6898)

    Vulnerability from cvelistv5 – Published: 2025-06-30 08:02 – Updated: 2025-06-30 17:47
    VLAI
    Title
    D-Link DI-7300G+ in proxy_client.asp os command injection
    Summary
    A vulnerability, which was classified as critical, has been found in D-Link DI-7300G+ 19.12.25A1. Affected by this issue is some unknown functionality of the file in proxy_client.asp. The manipulation of the argument proxy_srv/proxy_lanport/proxy_lanip/proxy_srvport leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.314390 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.314390 signaturepermissions-required
    https://vuldb.com/?submit.604443 third-party-advisory
    https://github.com/2664521593/mycve/blob/main/D-L… exploit
    https://www.dlink.com/ product
    Impacted products
    Vendor Product Version
    D-Link DI-7300G+ Affected: 19.12.25A1
    Create a notification for this product.
    Credits
    shiny (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-6898",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-30T17:46:01.070918Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-30T17:47:48.976Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DI-7300G+",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "19.12.25A1"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "shiny (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability, which was classified as critical, has been found in D-Link DI-7300G+ 19.12.25A1. Affected by this issue is some unknown functionality of the file in\u00a0proxy_client.asp. The manipulation of the argument proxy_srv/proxy_lanport/proxy_lanip/proxy_srvport leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
            },
            {
              "lang": "de",
              "value": "Eine kritische Schwachstelle wurde in D-Link DI-7300G+ 19.12.25A1 entdeckt. Davon betroffen ist unbekannter Code der Datei in\u00a0proxy_client.asp. Durch Beeinflussen des Arguments proxy_srv/proxy_lanport/proxy_lanip/proxy_srvport mit unbekannten Daten kann eine os command injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.5,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "OS Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-30T08:02:06.036Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-314390 | D-Link DI-7300G+ in\u00a0proxy_client.asp os command injection",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.314390"
            },
            {
              "name": "VDB-314390 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.314390"
            },
            {
              "name": "Submit #604443 | D-Link D-Link DI-7300G+ DI-7300G+ V19.12.25A1 OS Command Injection",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.604443"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/2664521593/mycve/blob/main/D-Link_DI/CJ_IN_DLink_3_en.pdf"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://www.dlink.com/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-06-29T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2025-06-29T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2025-06-29T14:01:19.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "D-Link DI-7300G+ in\u00a0proxy_client.asp os command injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2025-6898",
        "datePublished": "2025-06-30T08:02:06.036Z",
        "dateReserved": "2025-06-29T11:56:07.340Z",
        "dateUpdated": "2025-06-30T17:47:48.976Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-6897 (GCVE-0-2025-6897)

    Vulnerability from cvelistv5 – Published: 2025-06-30 07:32 – Updated: 2025-06-30 15:24
    VLAI
    Title
    D-Link DI-7300G+ httpd_debug.asp os command injection
    Summary
    A vulnerability classified as critical was found in D-Link DI-7300G+ 19.12.25A1. Affected by this vulnerability is an unknown functionality of the file httpd_debug.asp. The manipulation of the argument Time leads to os command injection. The exploit has been disclosed to the public and may be used.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.314389 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.314389 signaturepermissions-required
    https://vuldb.com/?submit.604442 third-party-advisory
    https://github.com/2664521593/mycve/blob/main/D-L… exploit
    https://www.dlink.com/ product
    Impacted products
    Vendor Product Version
    D-Link DI-7300G+ Affected: 19.12.25A1
    Create a notification for this product.
    Credits
    shiny (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-6897",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-30T15:24:06.405144Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-30T15:24:09.757Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://github.com/2664521593/mycve/blob/main/D-Link_DI/CJ_IN_DLink_2_en.pdf"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DI-7300G+",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "19.12.25A1"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "shiny (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability classified as critical was found in D-Link DI-7300G+ 19.12.25A1. Affected by this vulnerability is an unknown functionality of the file httpd_debug.asp. The manipulation of the argument Time leads to os command injection. The exploit has been disclosed to the public and may be used."
            },
            {
              "lang": "de",
              "value": "In D-Link DI-7300G+ 19.12.25A1 wurde eine kritische Schwachstelle entdeckt. Hierbei betrifft es unbekannten Programmcode der Datei httpd_debug.asp. Durch das Beeinflussen des Arguments Time mit unbekannten Daten kann eine os command injection-Schwachstelle ausgenutzt werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 5.2,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "OS Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-30T07:32:05.975Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-314389 | D-Link DI-7300G+ httpd_debug.asp os command injection",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.314389"
            },
            {
              "name": "VDB-314389 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.314389"
            },
            {
              "name": "Submit #604442 | D-Link D-Link DI-7300G+ DI-7300G+ V19.12.25A1 OS Command Injection",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.604442"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/2664521593/mycve/blob/main/D-Link_DI/CJ_IN_DLink_2_en.pdf"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://www.dlink.com/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-06-29T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2025-06-29T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2025-06-29T14:01:17.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "D-Link DI-7300G+ httpd_debug.asp os command injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2025-6897",
        "datePublished": "2025-06-30T07:32:05.975Z",
        "dateReserved": "2025-06-29T11:55:59.822Z",
        "dateUpdated": "2025-06-30T15:24:09.757Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-6896 (GCVE-0-2025-6896)

    Vulnerability from cvelistv5 – Published: 2025-06-30 07:02 – Updated: 2025-06-30 18:00
    VLAI
    Title
    D-Link DI-7300G+ wget_test.asp os command injection
    Summary
    A vulnerability classified as critical has been found in D-Link DI-7300G+ 19.12.25A1. Affected is an unknown function of the file wget_test.asp. The manipulation of the argument url leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.314388 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.314388 signaturepermissions-required
    https://vuldb.com/?submit.604441 third-party-advisory
    https://github.com/2664521593/mycve/blob/main/D-L… exploit
    https://www.dlink.com/ product
    Impacted products
    Vendor Product Version
    D-Link DI-7300G+ Affected: 19.12.25A1
    Create a notification for this product.
    Credits
    shiny (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-6896",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-30T18:00:08.285490Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-30T18:00:17.539Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DI-7300G+",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "19.12.25A1"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "shiny (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability classified as critical has been found in D-Link DI-7300G+ 19.12.25A1. Affected is an unknown function of the file wget_test.asp. The manipulation of the argument url leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
            },
            {
              "lang": "de",
              "value": "Es wurde eine kritische Schwachstelle in D-Link DI-7300G+ 19.12.25A1 entdeckt. Dabei betrifft es einen unbekannter Codeteil der Datei wget_test.asp. Durch Manipulieren des Arguments url mit unbekannten Daten kann eine os command injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.5,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "OS Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-30T07:02:05.641Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-314388 | D-Link DI-7300G+ wget_test.asp os command injection",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.314388"
            },
            {
              "name": "VDB-314388 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.314388"
            },
            {
              "name": "Submit #604441 | D-Link D-Link DI-7300G+ DI-7300G+ V19.12.25A1 OS Command Injection",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.604441"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/2664521593/mycve/blob/main/D-Link_DI/CJ_IN_DLink_1_en.pdf"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://www.dlink.com/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-06-29T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2025-06-29T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2025-06-29T14:01:16.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "D-Link DI-7300G+ wget_test.asp os command injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2025-6896",
        "datePublished": "2025-06-30T07:02:05.641Z",
        "dateReserved": "2025-06-29T11:55:52.445Z",
        "dateUpdated": "2025-06-30T18:00:17.539Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-45576 (GCVE-0-2023-45576)

    Vulnerability from cvelistv5 – Published: 2023-10-16 00:00 – Updated: 2024-09-17 19:05
    VLAI
    Summary
    Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the remove_ext_proto/remove_ext_port parameter of the upnp_ctrl.asp function.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    Assigner
    Impacted products
    Vendor Product Version
    d-link di-7003gv2.d1 Affected: 0 , ≤ 23.08.25d1 (custom)
        cpe:2.3:o:d-link:di-7003gv2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7200g.v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7200g.v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7100gv2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7100gv2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7200gv2.e1 Affected: 0 , ≤ 23.08.23e1 (custom)
        cpe:2.3:h:d-link:di-7200gv2.e1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7300g.v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7300g.v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7400g.v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7400g.v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T20:21:16.639Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug3.md"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:d-link:di-7003gv2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7003gv2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.25d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7200g.v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7200g.v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7100gv2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7100gv2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7200g.v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7200g.v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7200gv2.e1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7200gv2.e1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23e1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7300g.v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7300g.v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7400g.v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7400g.v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-45576",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-17T18:39:19.511593Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-17T19:05:48.866Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the remove_ext_proto/remove_ext_port parameter of the upnp_ctrl.asp function."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-18T19:03:19.724Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug3.md"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-45576",
        "datePublished": "2023-10-16T00:00:00.000Z",
        "dateReserved": "2023-10-09T00:00:00.000Z",
        "dateUpdated": "2024-09-17T19:05:48.866Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-45579 (GCVE-0-2023-45579)

    Vulnerability from cvelistv5 – Published: 2023-10-16 00:00 – Updated: 2024-09-18 13:55
    VLAI
    Summary
    Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the ip/type parameter of the jingx.asp function.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    Assigner
    Impacted products
    Vendor Product Version
    d-link di-7003gv2.d1 Affected: 0 , < 23.08.25D1 (custom)
        cpe:2.3:h:d-link:di-7003gv2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-700g_plus_v2.d1 Affected: 0 , < 23.08.23D1 (custom)
        cpe:2.3:h:d-link:di-700g_plus_v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7100g.v2.d1 Affected: 23.08.23D1,
        cpe:2.3:h:d-link:di-7100g.v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7200g_plus_v2.d1 Affected: 0 , < 23.08.23D1, (custom)
        cpe:2.3:h:d-link:di-7200g_plus_v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7200gv2.e1 Affected: 0 , < 23.08.23E1 (custom)
        cpe:2.3:h:d-link:di-7200gv2.e1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7300g_plus_v2.d1 Affected: 23.08.23D1
        cpe:2.3:h:d-link:di-7300g_plus_v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7400g_plus_v2.d1 Affected: 0 , < 23.08.23D1 (custom)
        cpe:2.3:h:d-link:di-7400g_plus_v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T20:21:16.625Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug8.md"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7003gv2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7003gv2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThan": "23.08.25D1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-700g_plus_v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-700g_plus_v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThan": "23.08.23D1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7100g.v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7100g.v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "status": "affected",
                    "version": "23.08.23D1,"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7200g_plus_v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7200g_plus_v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThan": "23.08.23D1,",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7200gv2.e1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7200gv2.e1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThan": "23.08.23E1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7300g_plus_v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7300g_plus_v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "status": "affected",
                    "version": "23.08.23D1"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7400g_plus_v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7400g_plus_v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThan": "23.08.23D1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-45579",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-18T13:23:37.447332Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-18T13:55:41.402Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the ip/type parameter of the jingx.asp function."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-18T19:34:20.604Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug8.md"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-45579",
        "datePublished": "2023-10-16T00:00:00.000Z",
        "dateReserved": "2023-10-09T00:00:00.000Z",
        "dateUpdated": "2024-09-18T13:55:41.402Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-45573 (GCVE-0-2023-45573)

    Vulnerability from cvelistv5 – Published: 2023-10-16 00:00 – Updated: 2024-09-17 19:39
    VLAI
    Summary
    Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the n parameter of the mrclfile_del.asp function.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    Assigner
    Impacted products
    Vendor Product Version
    d-link di-7003gv2.d1 Affected: 0 , ≤ 23.08.25d1 (custom)
        cpe:2.3:o:d-link:di-7003gv2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7100g.v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7100g.v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7100gv2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7100gv2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7200g.v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7200g.v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7200gv2.e1 Affected: 0 , ≤ 23.08.23e1 (custom)
        cpe:2.3:h:d-link:di-7200gv2.e1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7300g.v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7300g.v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7400g.v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7400g.v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T20:21:16.419Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug7.md"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:d-link:di-7003gv2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7003gv2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.25d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7100g.v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7100g.v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7100gv2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7100gv2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7200g.v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7200g.v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7200gv2.e1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7200gv2.e1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23e1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7300g.v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7300g.v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7400g.v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7400g.v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-45573",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-17T19:36:09.770808Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-17T19:39:42.655Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the n parameter of the mrclfile_del.asp function."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-19T21:01:57.752Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug7.md"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-45573",
        "datePublished": "2023-10-16T00:00:00.000Z",
        "dateReserved": "2023-10-09T00:00:00.000Z",
        "dateUpdated": "2024-09-17T19:39:42.655Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-45580 (GCVE-0-2023-45580)

    Vulnerability from cvelistv5 – Published: 2023-10-16 00:00 – Updated: 2024-10-16 15:01
    VLAI
    Summary
    Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the wild/mx and other parameters of the ddns.asp function
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T20:21:16.650Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug6.md"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-45580",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-16T17:19:03.398661Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-16T15:01:53.780Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the wild/mx and other parameters of the ddns.asp function"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-19T21:06:46.625Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug6.md"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-45580",
        "datePublished": "2023-10-16T00:00:00.000Z",
        "dateReserved": "2023-10-09T00:00:00.000Z",
        "dateUpdated": "2024-10-16T15:01:53.780Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-45577 (GCVE-0-2023-45577)

    Vulnerability from cvelistv5 – Published: 2023-10-16 00:00 – Updated: 2024-09-18 16:10
    VLAI
    Summary
    Stack Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the wanid parameter of the H5/speedlimit.data function.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    Assigner
    Impacted products
    Vendor Product Version
    d-link di-7003gv2.d1 Affected: 0 , ≤ v.23.08.25d1 (custom)
        cpe:2.3:o:d-link:di-7003gv2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7200g_plus_v2.d1 Affected: 0 , ≤ v.23.08.23d1 (custom)
        cpe:2.3:a:d-link:di-7200g_plus_v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7100gv2.d1 Affected: 0 , ≤ v.23.08.23d1 (custom)
        cpe:2.3:a:d-link:di-7100gv2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7200gv2.e1 Affected: 0 , ≤ v.23.08.23e1 (custom)
        cpe:2.3:h:d-link:di-7200gv2.e1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7300g_plus_v2.d1 Affected: 0 , ≤ v.23.08.23d1 (custom)
        cpe:2.3:a:d-link:di-7300g_plus_v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7400g_plus_v2.d1 Affected: 0 , ≤ v.23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7400g_plus_v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T20:21:16.742Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug9.md"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:d-link:di-7003gv2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7003gv2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "v.23.08.25d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:d-link:di-7200g_plus_v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7200g_plus_v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "v.23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:d-link:di-7100gv2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7100gv2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "v.23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:d-link:di-7200g_plus_v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7200g_plus_v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "v.23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7200gv2.e1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7200gv2.e1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "v.23.08.23e1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:d-link:di-7300g_plus_v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7300g_plus_v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "v.23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7400g_plus_v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7400g_plus_v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "v.23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-45577",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-18T16:05:14.060563Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-18T16:10:57.416Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the wanid parameter of the H5/speedlimit.data function."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-18T18:53:01.094Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug9.md"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-45577",
        "datePublished": "2023-10-16T00:00:00.000Z",
        "dateReserved": "2023-10-09T00:00:00.000Z",
        "dateUpdated": "2024-09-18T16:10:57.416Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-45575 (GCVE-0-2023-45575)

    Vulnerability from cvelistv5 – Published: 2023-10-16 00:00 – Updated: 2024-09-17 19:28
    VLAI
    Summary
    Stack Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the ip parameter of the ip_position.asp function.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    Assigner
    Impacted products
    Vendor Product Version
    d-link di-7003gv2.d1 Affected: 0 , ≤ 23.08.25d1 (custom)
        cpe:2.3:o:d-link:di-7003gv2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7100g.v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7100g.v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7100gv2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7100gv2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7200g.v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7200g.v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7200gv2.e1 Affected: 0 , ≤ 23.08.23e1 (custom)
        cpe:2.3:h:d-link:di-7200gv2.e1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7300g.v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7300g.v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7400g.v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7400g.v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T20:21:16.364Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug5.md"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:d-link:di-7003gv2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7003gv2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.25d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7100g.v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7100g.v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7100gv2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7100gv2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7200g.v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7200g.v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7200gv2.e1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7200gv2.e1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23e1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7300g.v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7300g.v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7400g.v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7400g.v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-45575",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-17T19:22:42.549572Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-17T19:28:16.423Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the ip parameter of the ip_position.asp function."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-18T18:45:00.944Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug5.md"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-45575",
        "datePublished": "2023-10-16T00:00:00.000Z",
        "dateReserved": "2023-10-09T00:00:00.000Z",
        "dateUpdated": "2024-09-17T19:28:16.423Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-45578 (GCVE-0-2023-45578)

    Vulnerability from cvelistv5 – Published: 2023-10-16 00:00 – Updated: 2024-09-18 14:16
    VLAI
    Summary
    Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the pap_en/chap_en parameter of the pppoe_base.asp function.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    Assigner
    Impacted products
    Vendor Product Version
    d-link di-7003gv2.d1 Affected: 0 , ≤ 23.08.25d1 (custom)
        cpe:2.3:h:d-link:di-7003gv2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7100g.v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7100g.v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7100gv2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:a:d-link:di-7100gv2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7200g_plus_v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:a:d-link:di-7200g_plus_v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7200gv2.e1 Affected: 0 , ≤ 23.08.23e1 (custom)
        cpe:2.3:a:d-link:di-7200gv2.e1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7300g_plus_v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:a:d-link:di-7300g_plus_v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7400g_plus_v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7400g_plus_v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T20:21:16.497Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug4.md"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7003gv2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7003gv2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.25d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7100g.v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7100g.v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:d-link:di-7100gv2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7100gv2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:d-link:di-7200g_plus_v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7200g_plus_v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:d-link:di-7200gv2.e1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7200gv2.e1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23e1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:d-link:di-7300g_plus_v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7300g_plus_v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7400g_plus_v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7400g_plus_v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-45578",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-18T14:10:47.032855Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-18T14:16:25.708Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the pap_en/chap_en parameter of the pppoe_base.asp function."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-18T19:22:48.996Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug4.md"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-45578",
        "datePublished": "2023-10-16T00:00:00.000Z",
        "dateReserved": "2023-10-09T00:00:00.000Z",
        "dateUpdated": "2024-09-18T14:16:25.708Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-45572 (GCVE-0-2023-45572)

    Vulnerability from cvelistv5 – Published: 2023-10-16 00:00 – Updated: 2024-08-02 20:21
    VLAI
    Summary
    Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the fn parameter of the tgfile.htm function.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T20:21:16.660Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug1.md"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the fn parameter of the tgfile.htm function."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-18T19:11:31.593Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug1.md"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-45572",
        "datePublished": "2023-10-16T00:00:00.000Z",
        "dateReserved": "2023-10-09T00:00:00.000Z",
        "dateUpdated": "2024-08-02T20:21:16.660Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-45574 (GCVE-0-2023-45574)

    Vulnerability from cvelistv5 – Published: 2023-10-16 00:00 – Updated: 2024-09-17 19:35
    VLAI
    Summary
    Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the fn parameter of the file.data function.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    Assigner
    Impacted products
    Vendor Product Version
    d-link di-7003gv2.d1 Affected: 0 , ≤ 23.08.25d1 (custom)
        cpe:2.3:o:d-link:di-7003gv2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7100g.v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7100g.v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7100gv2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7100gv2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7200g.v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7200g.v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7200gv2.e1 Affected: 0 , ≤ 23.08.23e1 (custom)
        cpe:2.3:h:d-link:di-7200gv2.e1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7300g.v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7300g.v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    d-link di-7400g.v2.d1 Affected: 0 , ≤ 23.08.23d1 (custom)
        cpe:2.3:h:d-link:di-7400g.v2.d1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T20:21:16.676Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.dlink.com/en/security-bulletin/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug2.md"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:d-link:di-7003gv2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7003gv2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.25d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7100g.v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7100g.v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7100gv2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7100gv2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7200g.v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7200g.v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7200gv2.e1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7200gv2.e1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23e1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7300g.v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7300g.v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:d-link:di-7400g.v2.d1:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "di-7400g.v2.d1",
                "vendor": "d-link",
                "versions": [
                  {
                    "lessThanOrEqual": "23.08.23d1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-45574",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-17T19:31:34.936258Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-17T19:35:48.621Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the fn parameter of the file.data function."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-18T19:18:11.333Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://www.dlink.com/en/security-bulletin/"
            },
            {
              "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug2.md"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-45574",
        "datePublished": "2023-10-16T00:00:00.000Z",
        "dateReserved": "2023-10-09T00:00:00.000Z",
        "dateUpdated": "2024-09-17T19:35:48.621Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }