CVE-2023-45572
CRITICALD-Link DI-7003G/DI-7100G+/DI-7100G/DI-7200G+/DI-7200G/DI-7300G+/DI-7400G+ Buffer Overflow via tgfile.htm
Title source: llmDescription
Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the fn parameter of the tgfile.htm function.
References (1)
Core 1
Core References
Exploit, Third Party Advisory
https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug1.md
Scores
CVSS v3
9.8
EPSS
0.0815
EPSS Percentile
92.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-787
Status
published
Products (7)
dlink/di-7003g_firmware
< 23.08.25d1
dlink/di-7100g\+_firmware
< 23.08.23d1
dlink/di-7100g_firmware
< 23.08.23d1
dlink/di-7200g\+_firmware
< 23.08.23d1
dlink/di-7200g_firmware
< 23.08.23e1
dlink/di-7300g\+_firmware
< 23.08.23d1
dlink/di-7400g\+_firmware
< 23.08.23d1
Published
Oct 16, 2023
Tracked Since
Feb 18, 2026