CVE-2023-7163

CWE-20Improper Input Validation3 documents3 sources
Severity
9.8CRITICAL
EPSS
3.4%
top 12.51%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
D-link D-view 8Dlink D-view 8
Timeline
PublishedDec 28

Description

A security issue exists in D-Link D-View 8 v2.0.2.89 and prior that could allow an attacker to manipulate the probe inventory of the D-View service. This could result in the disclosure of information from other probes, denial of service conditions due to the probe inventory becoming full, or the execution of tasks on other probes.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HExploitability: 3.9 | Impact: 6.0

Affected Packages2 packages

CVEListV5d-link/d-view_82.0.2.89
NVDdlink/d-view_82.0.2.89

🔴Vulnerability Details

2
GHSA
GHSA-5mmm-33gx-vhf7: A security issue exists in D-Link D-View 8 v22023-12-28
CVEList
D-Link D-View 8 Unauthenticated Probe-Core Server Communication2023-12-28