| Title | D-LINK DIR-846 FW100A53DBR Remote Command Execution |
|---|
| Description | D-Link DIR-846 Firmware FW100A53DBR was discovered to contain a remote command execution (RCE) vulnerability via keys smartqos_express_devices and smartqos_normal_devices in SetSmartQoSSettings. This vulnerability is exploited via a crafted POST request. Another key is covered by CVE-2023-43284. |
|---|
| Source | ⚠️ https://github.com/c2dc/cve-reported/blob/main/CVE-2023-XXXX/CVE-2023-XXXX%20.md |
|---|
| User | francoa.taffarel (UID 58833) |
|---|
| Submission | 11/23/2023 02:38 (3 years ago) |
|---|
| Moderation | 12/07/2023 14:16 (14 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 247161 [D-Link DIR-846 FW100A53DBR QoS POST /HNAP1/ smartqos_express_devices/smartqos_normal_devices deserialization] |
|---|
| Points | 18 |
|---|