Lucene search

K
cve[email protected]CVE-2022-1262
HistoryApr 11, 2022 - 8:15 p.m.

CVE-2022-1262

2022-04-1120:15:18
CWE-78
web.nvd.nist.gov
56
2
cve-2022-1262
command injection
protest binary
remote access
arbitrary commands
root access

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

28.4%

A command injection vulnerability in the protest binary allows an attacker with access to the remote command line interface to execute arbitrary commands as root.

Affected configurations

NVD
Node
dlinkdir-1360Matcha1
AND
dlinkdir-1360_firmwareMatch1.02b03
OR
dlinkdir-1360_firmwareMatch1.03b02
OR
dlinkdir-1360_firmwareMatch1.11b04
Node
dlinkdir-1760Match-
AND
dlinkdir-1760_firmwareMatch1.01b04
OR
dlinkdir-1760_firmwareMatch1.11b03beta
Node
dlinkdir-1960Matcha1
AND
dlinkdir-1960_firmwareMatch1.02b01
OR
dlinkdir-1960_firmwareMatch1.03b03
OR
dlinkdir-1960_firmwareMatch1.11b03
Node
dlinkdir-2640Match-
AND
dlinkdir-2640_firmwareMatch1.11b02beta
Node
dlinkdir-2660Matcha1
AND
dlinkdir-2660_firmwareMatch1.04b03
OR
dlinkdir-2660_firmwareMatch1.11b04
Node
dlinkdir-3040Match-
AND
dlinkdir-3040_firmwareMatch1.13b03beta
Node
dlinkdir-3060Match-
AND
dlinkdir-3060_firmwareMatch1.00b12
OR
dlinkdir-3060_firmwareMatch1.11b04beta
Node
dlinkdir-867Matcha1
AND
dlinkdir-867_firmwareMatch1.20b10
Node
dlinkdir-878_firmwareMatch1.20b05
OR
dlinkdir-878_firmwareMatch1.30b08
AND
dlinkdir-878Match-
Node
dlinkdir-882_firmwareMatch1.20b06
AND
dlinkdir-882Match-
Node
dlinkdir-1360_firmwareMatch1.00b15
OR
dlinkdir-1360_firmwareMatch1.01b03
OR
dlinkdir-1360_firmwareMatch1.11b04beta
AND
dlinkdir-1360Match-
Node
dlinkdir-1960_firmwareMatch1.11b03beta
AND
dlinkdir-1960Match-
Node
dlinkdir-2640_firmwareMatch1.01b04
OR
dlinkdir-2640_firmwareMatch1.11b02
AND
dlinkdir-2640Matcha1
Node
dlinkdir-2660_firmwareMatch1.00b14
OR
dlinkdir-2660_firmwareMatch1.01b03
OR
dlinkdir-2660_firmwareMatch1.02b01
OR
dlinkdir-2660_firmwareMatch1.03b04
OR
dlinkdir-2660_firmwareMatch1.11b04beta
AND
dlinkdir-2660Match-
Node
dlinkdir-3040_firmwareMatch1.11b02
OR
dlinkdir-3040_firmwareMatch1.12b01
OR
dlinkdir-3040_firmwareMatch1.13b03
OR
dlinkdir-3040_firmwareMatch1.20b03
AND
dlinkdir-3040Matcha1
Node
dlinkdir-3060_firmwareMatch1.01b07
OR
dlinkdir-3060_firmwareMatch1.02b03
OR
dlinkdir-3060_firmwareMatch1.11b02
OR
dlinkdir-3060_firmwareMatch1.11b04
AND
dlinkdir-3060Matcha1
Node
dlinkdir-867_firmwareMatch1.10b04
OR
dlinkdir-867_firmwareMatch1.30b07
AND
dlinkdir-867Match-
Node
dlinkdir-882_firmwareMatch1.30b06
OR
dlinkdir-882_firmwareMatch1.30b10
AND
dlinkdir-882Matcha1

CNA Affected

[
  {
    "product": "D-Link Routers",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "DIR-1360 A1 firmware version 1.02B03, DIR-1360 A1 firmware version 1.03B02, DIR-1360 A1 firmware version 1.11B04, DIR-1360 firmware version 1.00B15, DIR-1360 firmware version 1.01B03, DIR-1760 firmware version 1.01B04, DIR-1960 A1 firmware version 1.02B01, DIR-1960 A1 firmware version 1.03B03, DIR-1960 A1 firmware version 1.11B03, DIR-2640 A1 firmware version 1.01B04, DIR-2640 A1 firmware version 1.11B02, DIR-2660 A1 firmware version 1.04B03, DIR-2660 A1 firmware version 1.11B04, DIR-2660 firmware version 1.00B14, DIR-2660 firmware version 1.01B03, DIR-2660 firmware version 1.02B01, DIR-2660 firmware version 1.03B04, DIR-3040 A1 firmware version 1.11B02, DIR-3040 A1 firmware version 1.12B01, DIR-3040 A1 firmware version 1.13B03, DIR-3040 A1 firmware version 1.20B03, DIR-3060 A1 firmware version 1.01B07, DIR-3060 A1 firmware version 1.02B03, DIR-3060 A1 firmware version 1.11B04, DIR-3060 firmware version 1.00B12, DIR-867 A1 firmware version 1.20B10, DIR-867 firmware version 1.10B04, DIR-867 fir ...[truncated*]"
      }
    ]
  }
]

Social References

More

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

28.4%

Related for CVE-2022-1262