CVE-2023-44959
Published: 10 October 2023
Summary
CVE-2023-44959 is a high-severity Command Injection (CWE-77) vulnerability in Dlink Dsl-3782 Firmware. Its CVSS base score is 8.8 (High).
Operationally, ranked in the top 2.4% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
CVE-2023-44959 is a command-injection vulnerability (CWE-77) affecting D-Link DSL-3782 routers running firmware version 1.03 and earlier. The flaw resides in the Router IP Address fields of the network settings page and permits an authenticated user to supply crafted input that is executed with root privileges on the device.
An attacker who has already obtained valid credentials can reach the affected page over the network with low attack complexity and no user interaction. Successful exploitation grants arbitrary code execution as root, resulting in complete control over confidentiality, integrity, and availability of the router.
Public references consist of GitHub repositories that document the injection vector but do not include vendor advisories, patch availability, or mitigation guidance. The associated EPSS score has reached a peak of 0.4706 with a current value of 0.4419, indicating sustained exploitation interest after disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-49282
Vulnerability details
An issue found in D-Link DSL-3782 v.1.03 and before allows remote authenticated users to execute arbitrary code as root via the Router IP Address fields of the network settings page.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.