3 matches found
CVE-2022-43631
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
Design/Logic Flaw
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
CVE-2022-43631
CVE-2022-43631 affects D-Link DIR-1935 (firmware 1.03). The bug is in the web portal’s SetVirtualServerSettings handling, where parsing subelements of VirtualServerInfo does not properly validate a user-supplied string before it is used to execute a system call. This enables network-adjacent atta...