D-Link DIR-842V2 v1.0.3 was discovered to contain a command injection vulnerability in the iperf3 diagnostics functionality.
- Dec 09, 2022 - Contact vendor
- Dec 09, 2022 - Received response from vendor
- Dec 10, 2022 - Sent vulnerability report to vendor
- Feb 09, 2023 - Requested a status update from vendor
- Mar 29, 2023 - Requested a status update from vendor
- Mar 29, 2023 - Received a status update
- Mar 31, 2023 - Received a potentially fixed firmware from vendor
- Apr 03, 2023 - Reported that the new firmware does not fix the vulnerability
- Apr 06, 2023 - Received response from vendor
- May 25, 2023 - Assigned CVE
- Jun 03, 2023 - Published exploit