CVE-2022-29332: Path Traversal
First published: Tue May 17 2022(Updated: )
D-LINK DIR-825 AC1200 R2 is vulnerable to Directory Traversal. An attacker could use the "../../../../" setting of the FTP server folder to set the router's root folder for FTP access. This allows you to access the entire router file system via the FTP server.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dlink Dir-825 Firmware | =2022.01.13-13.48 | |
| Dlink Dir-825 | =r2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2022-29332.
What is the severity of CVE-2022-29332?
The severity of CVE-2022-29332 is medium (6.5).
What is the affected software?
The affected software is D-LINK DIR-825 AC1200 R2 with firmware version 2022.01.13-13.48.
What is the description of CVE-2022-29332?
CVE-2022-29332 is a Directory Traversal vulnerability in D-LINK DIR-825 AC1200 R2, which allows an attacker to access the entire router file system via the FTP server.
How can I fix CVE-2022-29332?
There is currently no official fix available for CVE-2022-29332. It is recommended to monitor for vendor updates and apply patches as soon as they are released.
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/type
- agent/tags
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/dlink
- canonical/dlink dir-825 firmware
- version/dlink dir-825 firmware/2022.01.13-13.48
- canonical/dlink dir-825
- version/dlink dir-825/r2