CVE-2022-44806 D-Link DIR-882 1.10B02 and 1.20B06 is vulnerable to Buffer Overflow.

An attacker can send specially crafted TCP packets to the targeted device and cause it to crash. A successful D-Link DIR-882 1.10B02 and 1.20B06 Buffer Overflow attack can result in remote code execution. D-Link DIR-882 1.10B02 and 1 can be exploited via Remote Code Execution. A hacker must send the victim a specially crafted URL with a malicious plugin to run a successful attack. D-Link DIR-882 1.10B02 and 1.20B06 has a Pre-Auth Code Redirection vulnerability. An attacker can send specially crafted HTTP requests to the device and cause it to crash. A successful D-Link DIR-882 1.10B02 and 1.20B06 Pre-Auth Code Redirection attack can result in remote code execution. D-Link DIR-882 1.10B02 and 1 has a Cross-Site Scripting vulnerability. A hacker can send maliciously crafted HTTP requests to the device and steal sensitive information. A successful D-Link DIR-882 1.10B02 and 1 Cross-Site Scripting attack can result in injection of malicious codes into web pages viewed by the user. D-Link DIR-882 1.10B02 and 1 has a Persistent XSS vulnerability. An attacker can send maliciously crafted HTTP requests to the device and steal sensitive information. A successful DRedLink DIR-882 1.10B02

If you’re using D-Link DIR-880 1.10B03, upgrade to D-Link DIR-882 1.10B02 or 1.20B06. If you’re using an older firmware, consider updating to the latest version of your device’s firmware.

An attacker can send specially crafted TCP packets to the targeted device and cause it to crash. A successful D-Link DIR-882 1.10B02 and 1.20B06 Buffer Overflow attack can result in remote code execution. D-Link DIR-882 1.10B02 and 1 can be exploited via Remote Code Execution. A hacker must send the victim a specially crafted URL with a malicious plugin to run a successful attack. D-Link DIR-882 1.10B02 and 1.20B06 has a Pre-Auth Code Redirection vulnerability. An attacker can send specially crafted HTTP requests to the device and cause it to crash. A successful D-Link DIR-882 1.10B02 and 1 Pre-Auth Code Redirection attack can result in remote code execution.

D-Link releases firmware updates for its DIR-869 1.20B06 and DIR-882 1.10B02 and 1.20B06 products to fix these vulnerabilities.

D-Link DIR-882 1.10B02 and 1.20B06 has a Pre-Auth Code Redirection vulnerability. An attacker can send specially crafted HTTP requests to the device and cause it to crash. A successful D-Link DIR-882 1.10B02 and 1.20B06 Pre-Auth Code Redirection attack can result in remote code execution. D-Link DIR-882 1.10B02 and 1 has a Cross-Site Scripting vulnerability. A hacker can send maliciously crafted HTTP requests to the device and steal sensitive information. A successful DRedLink DIR-882 1.10B02

1.10B02 and 1.20B06 Buffer Overflow
D-Link DIR-822 1.10B02 and 1.20B06 has a Buffer Overflow vulnerability in the HTTP server module. An attacker can send specially crafted TCP packets to the targeted device and cause it to crash. A successful D-Link DIR-822 1.10B02 and 1.20B06 HTTP Server Buffer Overflow attack can result in remote code execution.

Timeline

Published on: 11/22/2022 15:15:00 UTC
Last modified on: 11/23/2022 19:53:00 UTC

References