Cyber Resilience

CVE-2023-43237

Critical · Public PoC

Published: 21 September 2023
Modified: 21 November 2024
KEV Added
Patch
CVSS Score v3.1: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.5799 (98.2th percentile)
Risk Priority: 54 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2023-43237 is a critical-severity Out-of-bounds Write (CWE-787) vulnerability in D-Link DIR-816 A2 firmware. Its CVSS base score is 9.8 (Critical).

Operationally, it ranks in the top 1.8% of CVEs by exploit likelihood, it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

Deeper analysis

D-Link DIR-816 A2 firmware version 1.10CNB05 contains a stack-based buffer overflow vulnerability (CWE-121, CWE-787) in the setMAC function triggered by the macCloneMac parameter. The flaw permits an out-of-bounds write on the stack and carries a CVSS 3.1 score of 9.8, reflecting network attack vector, low complexity, and no required authentication or user interaction.

An unauthenticated remote attacker can send a crafted HTTP request containing an oversized macCloneMac value to the device's web management interface, resulting in arbitrary code execution, denial of service, or full device takeover. Successful exploitation grants the attacker the same privileges as the firmware process, typically root-level control over the router.

Public references include a detailed proof-of-concept on GitHub and D-Link's security bulletin page; the bulletin does not enumerate specific firmware patches or workarounds in the supplied references. The CVE's EPSS score has reached a peak of 0.6064 with a current value of 0.5799, indicating sustained exploitation interest after disclosure.
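A defensive check for the oversized macCloneMac value described above, as an added example that is not part of the original entry or of D-Link's code. It assumes the parameter arrives in a form-encoded request body or query string (the entry does not state the encoding); the function names and sample bodies are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl

PARAM = "macCloneMac"   # parameter name taken from the CVE description
MAX_LEN = 17            # length of a well-formed MAC such as 00:11:22:AA:BB:CC
MAC_RE = re.compile(r"^(?:[0-9A-Fa-f]{2}[:-]){5}[0-9A-Fa-f]{2}$")


def check_body(body: str) -> list[str]:
    """Return findings for every macCloneMac value in a form-encoded body.

    Values are percent-decoded first, and repeated parameters are all
    inspected, so a benign first copy cannot hide an oversized second one.
    """
    findings = []
    for name, value in parse_qsl(body, keep_blank_values=True):
        if name != PARAM:
            continue
        if len(value) > MAX_LEN:
            findings.append(f"oversized {PARAM}: {len(value)} chars")
        elif value and not MAC_RE.match(value):
            findings.append(f"malformed {PARAM}: {value!r}")
    return findings


def scan(bodies: list[str]) -> dict[int, list[str]]:
    """Map the index of each suspicious body to its findings."""
    hits = {}
    for i, body in enumerate(bodies):
        found = check_body(body)
        if found:
            hits[i] = found
    return hits


# Constructed sample bodies (not captured traffic).
SAMPLES = [
    "macCloneMac=00%3A11%3A22%3AAA%3ABB%3ACC",             # well-formed MAC
    "macCloneMac=" + "A" * 300,                            # far beyond MAC length
    "macCloneMac=zz:zz",                                   # short but not a MAC
    "macCloneMac=00-11-22-AA-BB-CC&macCloneMac=" + "B" * 64,  # repeated parameter
]

if __name__ == "__main__":
    for index, found in scan(SAMPLES).items():
        print(index, found)
```

The same length and format rule can be enforced at a reverse proxy or used as a log-review filter for requests reaching the router's management interface.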

Vulnerability details

D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter macCloneMac in setMAC.

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor: dlink
Product: dir-816 a2 firmware
Version: 1.10cnb05

Mitigating Controls

Likely Mitigating Controls (AI)

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-787

Out-of-bounds writes that corrupt control flow or inject shellcode are rendered non-executable by the same memory protections.
