Vulnerabilities > CVE-2023-33735 - Unspecified vulnerability in Dlink Dir-846 Firmware 100A52

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

dlink

critical

NVD

Published: 2023-05-31

Updated: 2023-06-07

Summary

D-Link DIR-846 v1.00A52 was discovered to contain a remote command execution (RCE) vulnerability via the tomography_ping_address parameter in the /HNAP1 interface.

Vulnerable Configurations

Part	Description	Count
OS	Dlink Dlink DIR 846 Firmware 100A52	1
Hardware	Dlink Dlink DIR 846 -	1

References

https://www.dlink.com/en/security-bulletin/
https://github.com/Tyaoo/IoT-Vuls/blob/main/dlink/DIR-846/vul.md