Vulnerability Details CVE-2022-40799
Data Integrity Failure in 'Backup Config' in D-Link DNR-322L <= 2.60B15 allows an authenticated attacker to execute OS level commands on the device.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.702
EPSS Ranking 98.6%
CVSS Severity
CVSS v3 Score 8.8
Proposed Action
D-Link DNR-322L contains a download of code without integrity check vulnerability that could allow an authenticated attacker to execute OS level commands on the device. The impacted products could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.
Ransomware Campaign
Unknown
References
Products affected by CVE-2022-40799
-
cpe:2.3:h:dlink:dnr-322l:-
-
cpe:2.3:o:dlink:dnr-322l_firmware:-
-
cpe:2.3:o:dlink:dnr-322l_firmware:2.40
-
cpe:2.3:o:dlink:dnr-322l_firmware:2.60b13
-
cpe:2.3:o:dlink:dnr-322l_firmware:2.60b15