First published: Sun Mar 27 2022(Updated: )
D-Link DIR-820L 1.05B03 was discovered to contain remote command execution (RCE) vulnerability via HTTP POST to get set ccp.
Credit: cve@mitre.org cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Dlink Dir-820l Firmware | =1.05-b03 | |
Dlink Dir-820l | ||
All of | ||
Dlink Dir-820l Firmware | =1.05-b03 | |
Dlink Dir-820l | ||
D-Link DIR-820L | ||
All of | ||
=1.05-b03 | ||
The impacted product is end-of-life and should be disconnected if still in use.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-26258 is a remote code execution vulnerability in the D-Link DIR-820L router.
CVE-2022-26258 has a severity rating of 9.8 (critical).
The D-Link DIR-820L router firmware version 1.05-b03 is affected by CVE-2022-26258.
An attacker can exploit CVE-2022-26258 by sending malicious input to the Device Name parameter in /lan.asp, which triggers remote code execution.
It is recommended to update to a fixed firmware version provided by D-Link to mitigate the vulnerability.