Lucene search

K
cve[email protected]CVE-2022-46552
HistoryFeb 02, 2023 - 1:15 p.m.

CVE-2022-46552

2023-02-0213:15:09
CWE-78
web.nvd.nist.gov
19
d-link
dir-846
firmware
fw100a53dbr
remote command execution
rce
vulnerability
nvd

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.082 Low

EPSS

Percentile

94.4%

D-Link DIR-846 Firmware FW100A53DBR was discovered to contain a remote command execution (RCE) vulnerability via the lan(0)_dhcps_staticlist parameter. This vulnerability is exploited via a crafted POST request.

Affected configurations

NVD
Node
dlinkdir-846Match-
AND
dlinkdir-846_firmwareMatch100a53dbr

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.082 Low

EPSS

Percentile

94.4%