Vulnerability Details CVE-2022-40946
On D-Link DIR-819 Firmware Version 1.06 Hardware Version A1 devices, it is possible to trigger a Denial of Service via the sys_token parameter in a cgi-bin/webproc?getpage=html/index.html request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.013
EPSS Ranking 79.0%
CVSS Severity
CVSS v3 Score 7.5
References
- http://packetstormsecurity.com/files/171484/D-Link-DIR-819-A1-Denial-Of-Service.html
- https://github.com/whokilleddb/dlink-dir-819-dos
- https://www.dlink.com/en/security-bulletin/
- http://packetstormsecurity.com/files/171484/D-Link-DIR-819-A1-Denial-Of-Service.html
- https://github.com/whokilleddb/dlink-dir-819-dos
- https://www.dlink.com/en/security-bulletin/
Products affected by CVE-2022-40946
-
cpe:2.3:h:dlink:dir-819:a1
-
cpe:2.3:o:dlink:dir-819_firmware:1.06