CVE-2022-28958: D-Link DIR-816L Remote Code Execution Vulnerability
First published: Wed May 18 2022(Updated: )
D-Link DIR-816L contains an unspecified vulnerability in the shareport.php value parameter which allows for remote code execution.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| D-Link DIR-816L | ||
| Dlink Dir-816l Firmware | =206b01 | |
| Dlink Dir-816l |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-28958?
CVE-2022-28958 is a remote code execution (RCE) vulnerability found in the D-Link DIR-816L router.
How severe is CVE-2022-28958?
CVE-2022-28958 has a severity rating of 9.8 (critical).
Which software or products are affected by CVE-2022-28958?
The D-Link DIR-816L router firmware version 206b01 is affected by CVE-2022-28958.
How can I fix CVE-2022-28958?
To fix CVE-2022-28958, update the D-Link DIR-816L router firmware to a version that is not vulnerable.
Where can I find more information about CVE-2022-28958?
You can find more information about CVE-2022-28958 at the following references: [Link 1](https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10300), [Link 2](https://github.com/shijin0925/IOT/blob/master/DIR816/3.md), [Link 3](https://vulncheck.com/blog/moobot-uses-fake-vulnerability)
- exploited/true
- collector/cisa-known-exploited
- collector/nvd-index
- collector/mitre-cve
- collector/nvd-api
- agent/type
- vendor/d-link
- canonical/d-link dir-816l
- status/disputed
- vendor/dlink
- canonical/dlink dir-816l firmware
- version/dlink dir-816l firmware/206b01
- canonical/dlink dir-816l
- status/rejected