21:["$","$L23",null,{"profile":{"vuln_id":"cve:CVE-2023-31814","canonical_namespace":"cve","identifiers":[{"namespace":"cve","id":"CVE-2023-31814"}],"cve_id":"CVE-2023-31814","ghsa_ids":[],"other_ids":{},"title":"CVE-2023-31814: D-Link DIR-300 firmware <=REVA1.06 and <=REVB2.06 is vulnerable to File inclusion via /model/__lang_msg.php.","description":"D-Link DIR-300 firmware <=REVA1.06 and <=REVB2.06 is vulnerable to File inclusion via /model/__lang_msg.php.","severity":"CRITICAL","cvss_score":9.8,"cvss_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss_metrics":[{"source":"nvd","version":"3.1","score":9.8,"vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","severity":"CRITICAL"}],"cwes":["CWE-706"],"attack_techniques":[],"affected_packages":["dlink/dir-300_firmware"],"affected_ranges":[{"package":"dlink/dir-300_firmware","ecosystem":"NVD","introduced":"$undefined","fixed":"$undefined","last_affected":"1.06"},{"package":"dlink/dir-300_firmware","ecosystem":"NVD","introduced":"$undefined","fixed":"$undefined","last_affected":"2.06"}],"epss":null,"epss_percentile":null,"kev":false,"kev_due_date":null,"exploit_available":false,"in_wild":false,"published_at":"2023-05-23","last_modified":null,"source_types":["vulnerability"],"documents_by_type":{"vulnerability":1},"references":[{"url":"https://gist.github.com/1915504804/9503198d3cbd5bc7db47625ac0caaade"},{"url":"https://www.dlink.com/en/security-bulletin/"},{"url":"https://gist.github.com/1915504804/9503198d3cbd5bc7db47625ac0caaade"},{"url":"https://www.dlink.com/en/security-bulletin/"}],"timeline":[{"kind":"published","date":"2023-05-23","label":null}]},"children":{"overview":[["$","div",null,{"className":"text-[13.5px] leading-[1.65] text-fg-1 max-w-[74ch] whitespace-pre-line","children":"D-Link DIR-300 firmware <=REVA1.06 and <=REVB2.06 is vulnerable to File inclusion via /model/__lang_msg.php."}],[["$","h3",null,{"className":"text-[13px] font-semibold mt-6 mb-2","children":"Affected"}],["$","$L24",null,{"ranges":"$21:props:profile:affected_ranges"}]],false],"advisories":["$","div",null,{"className":"flex flex-col divide-y divide-line-1","children":[["$","a","ghsa_unreviewed:GHSA-7wrc-fqxq-c226",{"href":"https://github.com/advisories/GHSA-7wrc-fqxq-c226","target":"_blank","rel":"noopener noreferrer","className":"block","children":["$","div",null,{"className":"py-3 px-2 hover:bg-bg-1 grid grid-cols-[auto_1fr] gap-3 items-start","children":[["$","span",null,{"className":"inline-flex items-center justify-center w-20 px-1.5 py-0.5 text-xs font-medium rounded border text-center truncate bg-red-500/20 text-red-300 border-red-500/40","children":"GHSA"}],["$","div",null,{"className":"min-w-0","children":[["$","div",null,{"className":"text-[13px] text-fg-0 leading-snug text-wrap-pretty truncate","children":"GHSA-7wrc-fqxq-c226: D-Link DIR-300 firmware <=REVA1"}],["$","div",null,{"className":"flex flex-wrap gap-2 items-center mt-1 font-mono text-[10.5px] text-fg-2","children":[["$","span",null,{"children":"ghsa_unreviewed"}],[["$","span",null,{"className":"text-fg-3","children":"·"}],["$","span",null,{"children":"2023-05-23"}]],false]}],["$","div",null,{"className":"mt-1.5 text-[12px] text-fg-1 line-clamp-2 leading-snug","children":"CVE-2023-31814 [CRITICAL] CWE-706 GHSA-7wrc-fqxq-c226: D-Link DIR-300 firmware <=REVA1\nD-Link DIR-300 firmware <=REVA1.06 and <=REVB2.06 is vulnerable to File inclusion via /model/__lang_msg.php."}]]}]]}]}]]}],"detections":["$","div",null,{"className":"text-fg-3 text-[12.5px] font-mono","children":"No detection rules found."}],"exploits":["$","div",null,{"className":"text-fg-3 text-[12.5px] font-mono","children":"No public exploits indexed."}],"writeups":["$","div",null,{"className":"text-fg-3 text-[12.5px] font-mono","children":"No writeups or analysis indexed."}],"references":["$","div",null,{"className":"grid gap-1","children":[[["$","a","0",{"href":"https://gist.github.com/1915504804/9503198d3cbd5bc7db47625ac0caaade","target":"_blank","rel":"noreferrer noopener","className":"block px-2 py-1.5 rounded-[var(--radius)] hover:bg-bg-1 text-[12px] text-fg-1 hover:text-fg-0 font-mono truncate","children":"https://gist.github.com/1915504804/9503198d3cbd5bc7db47625ac0caaade"}],"$L25","$L26","$L27"],false]}],"timeline":"$L28"}}]

Vendor	Product	Version range	Fixed in
dlink	dir-300_firmware	<= 1.06	—
dlink	dir-300_firmware	<= 2.06	—