TL;DR

Following a malformed link could allow a remote attacker to take control of a Starlink router and Dishy on the local network.

Will be Published Soon.

• Attacking Starlink from the Internet - Codegate 2024

CVE

• CVE-2023-52235

TimeLine

• 2023-11-03 : Vulnerability reported to SpaceX/Starlink
• 2023-11-07 : Recognized as a security vulnerability with a severity of Severe ( Reward $7500 USD )
• 2023-12-20 : Patched in the latest release
  • For the Dishy, the fix is included in release 07dd2798-ff15-4722-a9ee-de28928aed34
  • For the router, the fix is included in release 2023.53.0.