CVE-2023-5074

Summary

Use of a static key to protect a JWT token used in user authentication can allow an for an authentication bypass in D-Link D-View 8 v2.0.1.28

Affected Software

VendorProductVersion RangeStatus
D-LinkD-View 82.0.1.28affected

Weaknesses

  • CWE-798: CWE-798 Use of Hard-coded Credentials

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: yes
    • Technical Impact: total

References