Cyber Resilience

CVE-2023-44693

CriticalPublic PoC

Published: 17 October 2023

Published
17 October 2023
Modified
21 November 2024
KEV Added
Patch
CVSS Score v3.1 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0853 92.6th percentile
Risk Priority 25 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2023-44693 is a critical-severity SQL Injection (CWE-89) vulnerability in Dlink Dar-7000 Firmware. Its CVSS base score is 9.8 (Critical).

Operationally, ranked in the top 7.4% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

Deeper analysis

D-Link Online behavior audit gateway DAR-7000 version V31R02B1413C contains a SQL injection vulnerability (CWE-89) in the /importexport.php endpoint. The flaw carries a CVSS 3.1 base score of 9.8, reflecting network-accessible attack complexity that is low, requires no authentication or user interaction, and can impact confidentiality, integrity, and availability at the highest level.

An unauthenticated remote attacker can supply crafted input to the affected endpoint and execute arbitrary SQL commands against the backend database. Successful exploitation grants the ability to read, modify, or delete data and potentially take full control of the device.

Public references consist of proof-of-concept details hosted on GitHub that demonstrate the injection vector; no vendor advisory or patch information is included in the available references. The associated EPSS score reached a peak of 0.1058 on 2025-12-11 before receding to its current value of 0.0836.

EU & UK References

Vulnerability details

D-Link Online behavior audit gateway DAR-7000 V31R02B1413C is vulnerable to SQL Injection via /importexport.php.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

dlink
dar-7000 firmware
v31r02b1413c

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-89

Penetration testing uses SQL injection payloads against database interfaces, identifying and supporting fixes for SQL injection weaknesses.

addresses: CWE-89

Validates query inputs to prevent SQL syntax or command manipulation.

References