Exploit for Command Injection in Dlink Dir-842V2 Firmware CVE-2023-33782

Name: Exploit for Command Injection in Dlink Dir-842V2 Firmware CVE-2023-33782
Rating: 5 (646 reviews)

2023-06-03 | CVSS 8.8

## https://sploitus.com/exploit?id=2B1AE8A0-2F7F-5646-9ACD-B8ACDAB16ECD
# CVE-2023-33782

## Description
D-Link DIR-842V2 v1.0.3 was discovered to contain a command injection vulnerability in the `iperf3` diagnostics functionality.

## Proof of concept
![Proof Of Concept](./images/execute_exploit.png)

## Timeline
* Dec 09, 2022 - Contact vendor
* Dec 09, 2022 - Received response from vendor
* Dec 10, 2022 - Sent vulnerability report to vendor
* Feb 09, 2023 - Requested a status update from vendor
* Mar 29, 2023 - Requested a status update from vendor
* Mar 29, 2023 - Received a status update
* Mar 31, 2023 - Received a potentially fixed firmware from vendor
* Apr 03, 2023 - Reported that the new firmware does not fix the vulnerability
* Apr 06, 2023 - Received response from vendor
* May 25, 2023 - Assigned CVE
* Jun 03, 2023 - Published exploit