CVE-2023-43284

high-risk

Published 2023-10-05

D-Link Wireless MU-MIMO Gigabit AC1200 Router DIR-846 100A53DBR-Retail devices allow an authenticated remote attacker to execute arbitrary code via an unspecified manipulation of the QoS POST parameter.

Do I need to act?

37.7% chance of exploitation in next 30 days

EPSS score — higher than 62% of all CVEs

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 8.8/10 High

NETWORK / LOW complexity

Affected Products (1)

Dir-846 Firmware

Affected Vendors

Dlink

References (4)

Exploit https://github.com/MateusTesser/CVE-2023-43284

Exploit https://youtu.be/Y8osw_xU6-0

Exploit https://github.com/MateusTesser/CVE-2023-43284

Exploit https://youtu.be/Y8osw_xU6-0

/ 100

high-risk

Severity 30/34 · Critical

Exploitability 16/34 · Moderate

Exposure 5/34 · Minimal