Lucene search

K
nvd[email protected]NVD:CVE-2022-36523
HistoryAug 15, 2022 - 5:15 p.m.

CVE-2022-36523

2022-08-1517:15:13
CWE-77
web.nvd.nist.gov
2
d-link
go-rt-ac750
firmware
command injection
gena.php
vulnerability

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

46.6%

D-Link Go-RT-AC750 GORTAC750_revA_v101b03 & GO-RT-AC750_revB_FWv200b02 is vulnerable to command injection via /htdocs/upnpinc/gena.php.

Affected configurations

Nvd
Node
dlinkgo-rt-ac750_firmwareMatch101b03
AND
dlinkgo-rt-ac750Matchrevision_a
Node
dlinkgo-rt-ac750_firmwareMatch200b02
AND
dlinkgo-rt-ac750Matchrevision_b
VendorProductVersionCPE
dlinkgo-rt-ac750_firmware101b03cpe:2.3:o:dlink:go-rt-ac750_firmware:101b03:*:*:*:*:*:*:*
dlinkgo-rt-ac750revision_acpe:2.3:h:dlink:go-rt-ac750:revision_a:*:*:*:*:*:*:*
dlinkgo-rt-ac750_firmware200b02cpe:2.3:o:dlink:go-rt-ac750_firmware:200b02:*:*:*:*:*:*:*
dlinkgo-rt-ac750revision_bcpe:2.3:h:dlink:go-rt-ac750:revision_b:*:*:*:*:*:*:*

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

46.6%

Related for NVD:CVE-2022-36523