Lucene search

[email protected]NVD:CVE-2022-1262

HistoryApr 11, 2022 - 8:15 p.m.

CVE-2022-1262

2022-04-1120:15:18

CWE-78

[email protected]

web.nvd.nist.gov

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

28.5%

JSON

A command injection vulnerability in the protest binary allows an attacker with access to the remote command line interface to execute arbitrary commands as root.

Affected configurations

NVD

Node

dlinkdir-1360Matcha1

AND

dlinkdir-1360_firmwareMatch1.02b03

dlinkdir-1360_firmwareMatch1.03b02

dlinkdir-1360_firmwareMatch1.11b04

Node

dlinkdir-1760Match-

AND

dlinkdir-1760_firmwareMatch1.01b04

dlinkdir-1760_firmwareMatch1.11b03beta

Node

dlinkdir-1960Matcha1

AND

dlinkdir-1960_firmwareMatch1.02b01

dlinkdir-1960_firmwareMatch1.03b03

dlinkdir-1960_firmwareMatch1.11b03

Node

dlinkdir-2640Match-

AND

dlinkdir-2640_firmwareMatch1.11b02beta

Node

dlinkdir-2660Matcha1

AND

dlinkdir-2660_firmwareMatch1.04b03

dlinkdir-2660_firmwareMatch1.11b04

Node

dlinkdir-3040Match-

AND

dlinkdir-3040_firmwareMatch1.13b03beta

Node

dlinkdir-3060Match-

AND

dlinkdir-3060_firmwareMatch1.00b12

dlinkdir-3060_firmwareMatch1.11b04beta

Node

dlinkdir-867Matcha1

AND

dlinkdir-867_firmwareMatch1.20b10

Node

dlinkdir-878_firmwareMatch1.20b05

dlinkdir-878_firmwareMatch1.30b08

AND

dlinkdir-878Match-

Node

dlinkdir-882_firmwareMatch1.20b06

AND

dlinkdir-882Match-

Node

dlinkdir-1360_firmwareMatch1.00b15

dlinkdir-1360_firmwareMatch1.01b03

dlinkdir-1360_firmwareMatch1.11b04beta

AND

dlinkdir-1360Match-

Node

dlinkdir-1960_firmwareMatch1.11b03beta

AND

dlinkdir-1960Match-

Node

dlinkdir-2640_firmwareMatch1.01b04

dlinkdir-2640_firmwareMatch1.11b02

AND

dlinkdir-2640Matcha1

Node

dlinkdir-2660_firmwareMatch1.00b14

dlinkdir-2660_firmwareMatch1.01b03

dlinkdir-2660_firmwareMatch1.02b01

dlinkdir-2660_firmwareMatch1.03b04

dlinkdir-2660_firmwareMatch1.11b04beta

AND

dlinkdir-2660Match-

Node

dlinkdir-3040_firmwareMatch1.11b02

dlinkdir-3040_firmwareMatch1.12b01

dlinkdir-3040_firmwareMatch1.13b03

dlinkdir-3040_firmwareMatch1.20b03

AND

dlinkdir-3040Matcha1

Node

dlinkdir-3060_firmwareMatch1.01b07

dlinkdir-3060_firmwareMatch1.02b03

dlinkdir-3060_firmwareMatch1.11b02

dlinkdir-3060_firmwareMatch1.11b04

AND

dlinkdir-3060Matcha1

Node

dlinkdir-867_firmwareMatch1.10b04

dlinkdir-867_firmwareMatch1.30b07

AND

dlinkdir-867Match-

Node

dlinkdir-882_firmwareMatch1.30b06

dlinkdir-882_firmwareMatch1.30b10

AND

dlinkdir-882Matcha1

References

www.tenable.com/security/research/tra-2022-09

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

28.5%

JSON

Related for NVD:CVE-2022-1262

prion1 cvelist1 cve1