Lucene search
HistoryJan 19, 2023 - 11:15 p.m.
CVE-2022-46476
cve-2022-46476
d-link
dir-859 a1
command injection
soapcgi_main
vulnerability
nvd
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.016 Low
EPSS
Percentile
87.4%
D-Link DIR-859 A1 1.05 was discovered to contain a command injection vulnerability via the service= variable in the soapcgi_main function.
Affected configurations
Node
dlinkdir-859_a1Match-
dlinkdir-859_a1_firmwareMatch1.05
| CPE | Name | Operator | Version |
|---|---|---|---|
| dlink:dir-859_a1_firmware | dlink dir-859 a1 firmware | eq | 1.05 |
Related
prion
prion
Command injection
2023-01-19 23:15:00
cnvd
cnvd
D-Link DIR-859 Command Injection Vulnerability
2023-01-30 00:00:00
cvelist
cvelist
CVE-2022-46476
2023-01-19 00:00:00
nvd
nvd
CVE-2022-46476
2023-01-19 23:15:23
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.016 Low
EPSS
Percentile
87.4%
Related for CVE-2022-46476