CVE-2023-51984
Published: 11 January 2024
Summary
CVE-2023-51984 is a critical-severity OS Command Injection (CWE-78) vulnerability in Dlink Dir-822 Firmware. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 5.5% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
D-Link DIR-822+ firmware version 1.0.2 contains an OS command injection vulnerability (CWE-78) in the SetStaticRouteSettings function. The flaw carries a CVSS 3.1 score of 9.8 and permits unauthenticated remote attackers to supply crafted input that is passed directly to a system shell.
An attacker with network access can invoke the affected function to execute arbitrary operating-system commands on the device, resulting in full compromise of confidentiality, integrity, and availability without any user interaction or credentials.
Public disclosure of the issue appears in GitHub repositories that include technical details and proof-of-concept material; no vendor advisory or firmware patch information is referenced in the available sources. The associated EPSS score has remained at 0.1408 with no material increase observed since publication.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-56663
Vulnerability details
D-Link DIR-822+ V1.0.2 was found to contain a command injection in SetStaticRouteSettings function. allows remote attackers to execute arbitrary commands via shell.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Command injection in web function enables exploitation of public-facing application (T1190) for remote arbitrary Unix shell command execution (T1059.004).
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.