关联漏洞
介绍
# CVE-2023-33781
## Description
D-Link DIR-842V2 v1.0.3 was discovered to allow a user to run an arbitrary binary when connecting to telnet. This vulnerability can be triggered using backup/restore functionality.
## Proof of concept
## Timeline
* Dec 09, 2022 - Contact vendor
* Dec 09, 2022 - Received response from vendor
* Dec 10, 2022 - Sent vulnerability report to vendor
* Feb 09, 2023 - Requested a status update from vendor
* Mar 29, 2023 - Requested a status update from vendor
* Mar 29, 2023 - Received a status update
* Mar 31, 2023 - Received a potentially fixed firmware from vendor
* Apr 03, 2023 - Reported to vendor that the new firmware fixes the vulnerability
* Apr 06, 2023 - Received response from vendor
* May 25, 2023 - Assigned CVE
* Jun 03, 2023 - Published exploit
文件快照
[4.0K] /data/pocs/b7bbf66c04bbc7fe1db08ba85816d773a5f2c041
├── [9.5K] exploit.py
├── [4.0K] images
│ └── [125K] execute_exploit.png
└── [ 842] README.md
1 directory, 3 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮件到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对 POC 代码进行快照,为了长期维护,请考虑为本地 POC 付费/捐赠,感谢您的支持。