all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

ZDI-23-1832: D-Link G416 awsfile tar File Handling Command Injection Remote Code Execution Vulnerability

Add to bookmarks
Dec. 20, 2023, 6 a.m. |

ZDI: Published Advisories www.zerodayinitiative.com

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2023-50216.

arbitrary code attackers authentication code code execution command command injection cve cves cvss d-link exploit file handling injection link network rating remote code remote code execution routers tar vulnerability zdi

Visit resource

More from www.zerodayinitiative.com / ZDI: Published Advisories

ZDI-24-407: X.Org Server ProcRenderAddGlyphs Use-After-Free Local Privilege Escalation Vulnerability 1 day, 11 hours ago | www.zerodayinitiative.com
attacker attackers code cve +23
ZDI-24-406: Adobe After Effects AEP File Parsing Use-After-Free Remote Code Execution Vulnerability 1 day, 11 hours ago | www.zerodayinitiative.com
adobe adobe after effects aep after effects +18
ZDI-24-405: Lexmark CX331adwe IPP Server Authorization HTTP Header Heap-Based Buffer Overflow Remote Code Execution Vulnerability 1 day, 11 hours ago | www.zerodayinitiative.com
arbitrary code attackers authentication authorization +20
ZDI-24-415: (Pwn2Own) Oracle VirtualBox E1000 Uninitialized Memory Information Disclosure Vulnerability 1 day, 11 hours ago | www.zerodayinitiative.com
attacker attackers code cves +22
ZDI-24-414: (Pwn2Own) Oracle VirtualBox AHCI Controller Uninitialized Memory Information Disclosure Vulnerability 1 day, 11 hours ago | www.zerodayinitiative.com
attacker attackers code controller +22
ZDI-24-413: (Pwn2Own) Oracle VirtualBox DevVGA Out-Of-Bounds Write Local Privilege Escalation Vulnerability 1 day, 11 hours ago | www.zerodayinitiative.com
attacker attackers code cves +22
ZDI-24-412: (Pwn2Own) Oracle VirtualBox VirtIOCore Buffer Overflow Local Privilege Escalation Vulnerability 1 day, 11 hours ago | www.zerodayinitiative.com
attacker attackers buffer buffer overflow +23
ZDI-24-411: (Pwn2Own) Oracle VirtualBox BusLogic Uninitialized Memory Information Disclosure Vulnerability 1 day, 11 hours ago | www.zerodayinitiative.com
attacker attackers code cves +22
ZDI-24-410: Oracle VirtualBox vboxdrv Improper Privilege Management Local Privilege Escalation Vulnerability 1 day, 11 hours ago | www.zerodayinitiative.com
attacker attackers code cves +21

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Principal Security Analyst - Threat Labs (Position located in India) (Remote)

@ KnowBe4, Inc. | Kochi, India
View on infosec-jobs.com

Cyber Security - Cloud Security and Security Architecture - Manager - Multiple Positions - 1500860

@ EY | Dallas, TX, US, 75219
View on infosec-jobs.com

Enterprise Security Architect (Intermediate)

@ Federal Reserve System | Remote - Virginia
View on infosec-jobs.com

Engineering -- Tech Risk -- Global Cyber Defense & Intelligence -- Associate -- Dallas

@ Goldman Sachs | Dallas, Texas, United States
View on infosec-jobs.com

Vulnerability Management Team Lead - North Central region (Remote)

@ GuidePoint Security LLC | Remote in the United States
View on infosec-jobs.com
View more jobs