Lucene search
HistoryJan 27, 2023 - 9:15 p.m.
CVE-2022-48107
d-link
dir_878
fw1.30b08
command injection
vulnerability
cve-2022-48107
nvd
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
57.2%
D-Link DIR_878_FW1.30B08 was discovered to contain a command injection vulnerability via the component /setnetworksettings/IPAddress. This vulnerability allows attackers to escalate privileges to root via a crafted payload.
Affected configurations
Node
dlinkdir_878Match-
dlinkdir_878_firmwareMatch1.30b08
| CPE | Name | Operator | Version |
|---|---|---|---|
| dlink:dir_878_firmware | dlink dir 878 firmware | eq | 1.30b08 |
Related
cvelist
cvelist
CVE-2022-48107
2023-01-27 00:00:00
nvd
nvd
CVE-2022-48107
2023-01-27 21:15:10
prion
prion
Command injection
2023-01-27 21:15:00
openvas
openvas
D-Link DIR-878 <= 1.30B08 Multiple Command Injection Vulnerabilities
2023-02-27 00:00:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
57.2%
Related for CVE-2022-48107