CVE-2022-43632
CVE-2022-43632 affects D-Link DIR-1935 firmware 1.03. The flaw is in SetQoSSettings QoSInfo parsing: unvalidated user-supplied data is used in a system call, allowing network-adjacent attackers to achieve code execution as root. Exploitation details are documented by ZDI (ZDI-22-1504) and other f...