3 matches found
CVE-2022-43643
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Generic plugin for the xupnpd service, which listens on TC...
CVE-2022-43643
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Generic plugin for the xupnpd service, which listens on TC...
CVE-2022-43643
CVE-2022-43643 concerns a remote command injection in the D-Link DIR-825 1.0.9/EE router. The flaw is in the xupnpd Generic plugin listening on TCP port 4044, arising from inadequate validation of user-supplied input used in a system call. This allows network-adjacent attackers to execute code wi...