Authentication Bypass in D-Link DIR-859 via phpcgi_main
CVE-2023-36092 Published on July 31, 2023
Authentication Bypass vulnerability in D-Link DIR-859 FW105b03 allows remote attackers to gain escalated privileges via via phpcgi_main. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Vulnerability Analysis
Weakness Type
What is an AuthZ Vulnerability?
The software performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.
CVE-2023-36092 has been classified to as an AuthZ vulnerability or weakness.
Products Associated with CVE-2023-36092
Want to know whenever a new CVE is published for D-Link Dir 859 Firmware? stack.watch will email you.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.