Vulnerability Details CVE-2022-26258
D-Link DIR-820L 1.05B03 was discovered to contain remote command execution (RCE) vulnerability via HTTP POST to get set ccp.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.899
EPSS Ranking 99.5%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
Proposed Action
D-Link DIR-820L contains an unspecified vulnerability in Device Name parameter in /lan.asp which allows for remote code execution.
Ransomware Campaign
Unknown
References
- http://dir-820l.com
- http://dlink.com
- https://github.com/skyedai910/Vuln/tree/master/DIR-820L/command_execution_0
- https://github.com/zhizhuoshuma/cve_info_data/blob/ccaed4b94ba762eb8a8e003bfa762a7754b8182e/Vuln/Vuln/DIR-820L/command_execution_0/README.md
- https://www.dlink.com/en/security-bulletin/
- http://dir-820l.com
- http://dlink.com
- https://github.com/skyedai910/Vuln/tree/master/DIR-820L/command_execution_0
- https://github.com/zhizhuoshuma/cve_info_data/blob/ccaed4b94ba762eb8a8e003bfa762a7754b8182e/Vuln/Vuln/DIR-820L/command_execution_0/README.md
- https://www.dlink.com/en/security-bulletin/
Products affected by CVE-2022-26258
-
cpe:2.3:h:dlink:dir-820l:-
-
cpe:2.3:o:dlink:dir-820l_firmware:1.05