Lucene search

[email protected]CVE-2023-25281

HistoryMar 16, 2023 - 1:15 a.m.

CVE-2023-25281

2023-03-1601:15:46

CWE-787

[email protected]

web.nvd.nist.gov

cve-2023-25281

stack overflow

pingv4msg

d-link

denial of service

nvd

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

36.2%

JSON

A stack overflow vulnerability exists in pingV4Msg component in D-Link DIR820LA1_FW105B03, allows attackers to cause a denial of service via the nextPage parameter to ping.ccp.

Affected configurations

NVD

Node

dlinkdir820la1Match-

AND

dlinkdir820la1_firmwareMatch105b03

CPENameOperatorVersion
dlink:dir820la1_firmwaredlink dir820la1 firmwareeq105b03

CPE	Name	Operator	Version
dlink:dir820la1_firmware	dlink dir820la1 firmware	eq	105b03

References

github.com/migraine-sudo/D_Link_Vuln/tree/main/stackoverflow%20cancelPing

www.dlink.com/en/security-bulletin/

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

36.2%

JSON

Related for CVE-2023-25281

cvelist1 prion1 nvd1 openvas1