CVE-2023-43130

Vulnerability

The D-Link DIR-806 wireless router (model DIR806A1) running firmware version DIR806A1_FW100CNb11 contains a command injection vulnerability [1]. The exact input vector is not disclosed in the available references, but the vulnerability allows an attacker to inject operating system commands through a crafted request.

Exploitation

Exploitation requires network access to the router's management interface. The attacker must be able to send a specially crafted HTTP request to the vulnerable endpoint. No authentication is mentioned as required, but typical router management interfaces may require credentials. The specific steps are not detailed in the public description.

Impact

Successful exploitation results in arbitrary command execution on the device with root privileges, as the router's web interface typically runs with elevated permissions. This can lead to full compromise of the router, including data exfiltration, further network attacks, or device takeover.

Mitigation

As of the publication date (2023-09-22), no firmware update or patch has been released by D-Link to address this vulnerability. Users are advised to restrict access to the router's management interface to trusted networks and monitor for any official security advisories from D-Link [1].