Article

Alert: D-LINK Security Updates – May 2023

D-Link has released security updates for two critical vulnerabilities (CVE-2023-32165 and CVE-2023-32169) in its D-View 8 network management suite, rated 9.8 out of 10 in CVSSv3. These vulnerabilities enable remote attackers to bypass authentication and execute arbitrary code on affected systems.

Affected Systems

D-View 8 software version 2.0.1.27 and below.

Security Risks

The identified vulnerability in D-Link's D-View 8 network management suite presented significant security risks, as they could allow remote attackers to bypass authentication mechanisms and execute arbitrary code on compromised systems.

Recommended Actions

The National Cyber Security Authority (NCSA) strongly recommends to system administrators to:

Follow D-Link's security bulletin to lower the risk of potential exploits, protect systems, and ensure their security.
Apply the required and latest security updates as soon as possible.

The released software version to upgrade to is:

D-View 8 version, 2.0.1.28.

Before any update task, please ensure you have a recent backup that can easily be restored.

For further information and support, please contact NCSA by email at rwcsirt@ncsa.gov.rw or call us on 9009.

References

D-Link's security bulletin.

https://www.zerodayinitiative.com/advisories/ZDI-23-714/

https://www.zerodayinitiative.com/advisories/ZDI-23-716/

https://dview.dlink.com/freetrial

https://dview.dlink.com/supportedModel

29 May 2023

More updates

11 April 2024

Alert: Microsoft Security Updates – April 2024

Microsoft released security updates to address vulnerabilities in multiple products.

11 April 2024

Alert: Fortinet Security Updates – April 2024

Fortinet has released security updates to address vulnerabilities in multiple products.

11 April 2024

Alert: Adobe Security Updates – April 2024

Adobe has released security updates to address multiple vulnerabilities in its software.

02 April 2024

Alert: Revised Apple Security Updates – March 2024

Apple released security updates to address a vulnerability (CVE-2024-1580) in Apple products, including Safari, iOS, iPadOS and macOS.

	info@ncsa.gov.rw
	9009 / 0781813310
	‎+250 791 445 224

D-Link has released security updates for two critical vulnerabilities (CVE-2023-32165 and CVE-2023-32169) in its D-View 8 network management suite, rated 9.8 out of 10 in CVSSv3. These vulnerabilities enable remote attackers to bypass authentication and execute arbitrary code on affected systems.

Affected Systems

D-View 8 software version 2.0.1.27 and below.

Security Risks

The identified vulnerability in D-Link's D-View 8 network management suite presented significant security risks, as they could allow remote attackers to bypass authentication mechanisms and execute arbitrary code on compromised systems.

Recommended Actions

The National Cyber Security Authority (NCSA) strongly recommends to system administrators to:

Follow D-Link's security bulletin to lower the risk of potential exploits, protect systems, and ensure their security.

Apply the required and latest security updates as soon as possible.

The released software version to upgrade to is:

D-View 8 version, 2.0.1.28.

Before any update task, please ensure you have a recent backup that can easily be restored.

For further information and support, please contact NCSA by email at rwcsirt@ncsa.gov.rw or call us on 9009.

References

D-Link's security bulletin.

https://www.zerodayinitiative.com/advisories/ZDI-23-714/

https://www.zerodayinitiative.com/advisories/ZDI-23-716/

https://dview.dlink.com/freetrial

https://dview.dlink.com/supportedModel