CVE-2023-5143: Critical Vulnerability Found in Unsupported D-Link DAR-700 Firmware (up to 20151231)

A critical vulnerability, CVE-2023-5143, has been discovered in the D-Link DAR-700 firmware, specifically in versions up to 20151231. This vulnerability affects the processing of the file /log/webmailattach.php and has been assigned an identifier of VDB-240239. Unfortunately, since the D-Link DAR-700 is no longer supported by its maintainer, no patch or fix has been developed for this issue. D-Link has recommended retiring and replacing affected products as soon as possible to prevent the vulnerability from being exploited by malicious actors.

Exploit Details

The vulnerability lies in the manipulation of the "table_name" argument in the /log/webmailattach.php file. The exact details of how this manipulation leads to an unknown weakness are not available. However, it is known that the vulnerability can be exploited remotely, and the exploit code has been publicly disclosed. This means that any attacker with knowledge of the exploit may be able to take advantage of it.

A code snippet illustrating the vulnerability in /log/webmailattach.php would look as follows

<?php
    $table_name = $_GET['table_name'];
    // Vulnerable processing of table_name
    // ...
?>

In this example, the "table_name" variable is populated from user input without proper validation or sanitization, making it vulnerable to malicious input.

Original References

For more information about the vulnerability and the affected firmware, you can refer to the following resources:

1. CVE-2023-5143: D-Link DAR-700 Vulnerability
2. VDB-240239: Vulnerability Database Entry
3. D-Link Support: End-of-Life Products

Mitigation and Recommendations

As mentioned earlier, the vendor (D-Link) has confirmed that the DAR-700 is end-of-life and no longer supported. Users of affected D-Link products are advised to retire and replace them to avoid exploitation of this vulnerability. When selecting new products, it is essential to choose ones that have ongoing support from the manufacturer and receive regular firmware updates. It is also important to stay informed about any known vulnerabilities in the products being used and follow the recommended security practices, such as regularly updating software and hardware to the latest versions.

Timeline

Published on: 09/24/2023 23:15:10 UTC
Last modified on: 11/07/2023 04:23:30 UTC