CVE-2022-36785

🗓️ 17 Nov 2022 22:27:55Reported by INCDType

cve🔗 web.nvd.nist.gov📰️ 3 Media mentions👁 62 Views🌐 WEB

D-Link – G integrated Access Device4 Information Disclosure & Authorization Bypas

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2022-36785	29 Apr 202514:11	–	circl
CNNVD	D-Link G integrated Access Device4 安全漏洞	17 Nov 202200:00	–	cnnvd
Cvelist	CVE-2022-36785 D-Link – G integrated Access Device4 Information Disclosure & Authorization Bypass.	17 Nov 202222:27	–	cvelist
EUVD	EUVD-2022-39485	3 Oct 202520:07	–	euvd
NVD	CVE-2022-36785	17 Nov 202223:15	–	nvd
OSV	CVE-2022-36785	17 Nov 202223:15	–	osv
Prion	Authorization	17 Nov 202223:15	–	prion
Positive Technologies	PT-2022-23624 · D Link · D-Link G Integrated Access Device4	17 Nov 202200:00	–	ptsecurity
RedhatCVE	CVE-2022-36785	5 Feb 202522:46	–	redhatcve
Vulnrichment	CVE-2022-36785 D-Link – G integrated Access Device4 Information Disclosure & Authorization Bypass.	17 Nov 202222:27	–	vulnrichment

NVD

Node

dlink g_integrated_access_device4_firmwareMatch1.0

AND

dlink g_integrated_access_device4Match-

[
  {
    "defaultStatus": "unaffected",
    "product": "G integrated Access Device4",
    "vendor": "D-Link",
    "versions": [
      {
        "lessThan": " Upgrade to the latest version.",
        "status": "affected",
        "version": "All versions",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
gov	www.gov.il/en/Departments/faq/cve_advisories

Parameter	Position	Path	Description	CWE
username	path	login.asp	Information Disclosure via login.aspx login form and default admin credentials; potential unauthorized access to web interface.	CWE-863
password	path	login.asp	Information Disclosure via login.aspx login form and default admin credentials; potential unauthorized access to web interface.	CWE-863

29 Apr 2025 14:15Current

7.3High risk

Vulners AI Score7.3

CVSS 3.17.5

EPSS0.00468

SSVC

CWE-863