Cyber Resilience

CVE-2023-44959

High · Public PoC · RCE

Published: 10 October 2023

Modified: 21 November 2024
KEV Added
Patch
CVSS Score v3.1: 8.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.4419 (97.6th percentile)
Risk Priority: 44 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2023-44959 is a high-severity command injection (CWE-77) vulnerability in D-Link DSL-3782 firmware. Its CVSS base score is 8.8 (High).

Operationally, it ranks in the top 2.4% of CVEs by exploit likelihood, it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

Deeper analysis

CVE-2023-44959 is a command-injection vulnerability (CWE-77) affecting D-Link DSL-3782 routers running firmware version 1.03 and earlier. The flaw resides in the Router IP Address fields of the network settings page and permits an authenticated user to supply crafted input that is executed with root privileges on the device.

An attacker who has already obtained valid credentials can reach the affected page over the network with low attack complexity and no user interaction. Successful exploitation grants arbitrary code execution as root, resulting in complete control over confidentiality, integrity, and availability of the router.

Public references consist of GitHub repositories that document the injection vector but do not include vendor advisories, patch availability, or mitigation guidance. The associated EPSS score has reached a peak of 0.4706 with a current value of 0.4419, indicating sustained exploitation interest after disclosure.

Vulnerability details

An issue found in D-Link DSL-3782 v.1.03 and before allows remote authenticated users to execute arbitrary code as root via the Router IP Address fields of the network settings page.

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor: dlink
Product: dsl-3782 firmware
Affected versions: ≤ 1.03

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.