CVE-2023-7163

CRITICAL

D-Link D-View 8 <= 2.0.2.89 - Improper Input Validation in Probe Inventory

Title source: llm

Description

A security issue exists in D-Link D-View 8 v2.0.2.89 and prior that could allow an attacker to manipulate the probe inventory of the D-View service. This could result in the disclosure of information from other probes, denial of service conditions due to the probe inventory becoming full, or the execution of tasks on other probes.

References (1)

Core 1

Core References

Exploit, Third Party Advisory

https://tenable.com/security/research/tra-2023-43

Scores

CVSS v3 10.0

EPSS 0.0344

EPSS Percentile 87.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Details

CWE

CWE-20

Status published

Products (1)

dlink/d-view_8 2.0.2.89

Published Dec 28, 2023

Tracked Since Feb 18, 2026