What is CVE-2022-28958?

CVE-2022-28958 is a remote code execution (RCE) vulnerability found in the D-Link DIR-816L router.

How severe is CVE-2022-28958?

CVE-2022-28958 has a severity rating of 9.8 (critical).

Which software or products are affected by CVE-2022-28958?

The D-Link DIR-816L router firmware version 206b01 is affected by CVE-2022-28958.

How can I fix CVE-2022-28958?

To fix CVE-2022-28958, update the D-Link DIR-816L router firmware to a version that is not vulnerable.

Where can I find more information about CVE-2022-28958?

You can find more information about CVE-2022-28958 at the following references: [Link 1](https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10300), [Link 2](https://github.com/shijin0925/IOT/blob/master/DIR816/3.md), [Link 3](https://vulncheck.com/blog/moobot-uses-fake-vulnerability)

Vulnerability/
CVE-2022-28958

Exploited

critical

9.8

18/5/2022

29/11/2023

CVE-2022-28958: D-Link DIR-816L Remote Code Execution Vulnerability

First published: Wed May 18 2022(Updated: )

** DISPUTED ** D-Link DIR816L_FW206b01 was discovered to contain a remote code execution (RCE) vulnerability via the value parameter at shareport.php. NOTE: this has been disputed by a third party.

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
D-Link DIR-816L
Dlink Dir-816l Firmware	=206b01
Dlink Dir-816l

Remedy

This CVE is currently in disputed status. During the review process, agencies should update per vendor instructions.

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2022-28958?
CVE-2022-28958 is a remote code execution (RCE) vulnerability found in the D-Link DIR-816L router.
How severe is CVE-2022-28958?
CVE-2022-28958 has a severity rating of 9.8 (critical).
Which software or products are affected by CVE-2022-28958?
The D-Link DIR-816L router firmware version 206b01 is affected by CVE-2022-28958.
How can I fix CVE-2022-28958?
To fix CVE-2022-28958, update the D-Link DIR-816L router firmware to a version that is not vulnerable.
Where can I find more information about CVE-2022-28958?
You can find more information about CVE-2022-28958 at the following references: [Link 1](https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10300), [Link 2](https://github.com/shijin0925/IOT/blob/master/DIR816/3.md), [Link 3](https://vulncheck.com/blog/moobot-uses-fake-vulnerability)

exploited/true
collector/cisa-known-exploited
collector/nvd-index
collector/mitre-cve
collector/nvd-api
agent/type
agent/references
agent/severity
agent/title
agent/author
agent/description
agent/event
agent/remedy
agent/status
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
agent/tags
agent/trending
vendor/d-link
canonical/d-link dir-816l
status/disputed
vendor/dlink
canonical/dlink dir-816l firmware
version/dlink dir-816l firmware/206b01
canonical/dlink dir-816l
status/rejected

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.