Exploitation Summary
EIP tracks 1 public exploit for CVE-2023-33781. PoCs published by s0tr.
AI-analyzed exploit summary This PoC exploits CVE-2023-33781 in D-Link DIR-842V2 v1.0.3 by modifying the backup/restore functionality to enable unauthenticated telnet access via arbitrary binary execution. It logs in, downloads the config, modifies Telnet settings, and restores the altered config to trigger the vulnerability.
Description
An issue in D-Link DIR-842V2 v1.0.3 allows attackers to execute arbitrary commands via importing a crafted file.
Exploits (1)
This PoC exploits CVE-2023-33781 in D-Link DIR-842V2 v1.0.3 by modifying the backup/restore functionality to enable unauthenticated telnet access via arbitrary binary execution. It logs in, downloads the config, modifies Telnet settings, and restores the altered config to trigger the vulnerability.
References (4)
Scores
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H