CVE-2023-7163
CRITICAL WAF: Medium
CVSS 9.8
Published: 2023-12-28
CWE-20
A security issue exists in D-Link D-View 8 v2.0.2.89 and prior that could allow an attacker to manipulate the probe inventory of the D-View service. This could result in the disclosure of information from other probes, denial of service conditions due to the probe inventory becoming full, or the execution of tasks on other probes.
WAF Coverage Analysis
Improper Input Validation
Medium WAF Coverage
OWASP: A03:2021 Injection
920xxx - Protocol Enforcement 941xxx - XSS / XXE 942xxx - SQL Injection
Affected Software
| Vendor | Product | Version |
|---|---|---|
| dlink | d-view_8 | 2.0.2.89 |
References
- tenable.com (Exploit, Third Party Advisory)