PT-2022-24602 · D Link · D-Link Dap-2310+8

Published: 2022-12-20 · Updated: 2022-12-29 · CVE-2022-38873

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

D-Link DAP-2310 versions 2.10rc036 and earlier
D-Link DAP-2330 versions 1.06rc020 and earlier
D-Link DAP-2360 versions 2.10rc050 and earlier
D-Link DAP-2553 versions 3.10rc031 and earlier
D-Link DAP-2660 versions 1.15rc093 and earlier
D-Link DAP-2690 versions 3.20rc106 and earlier
D-Link DAP-2695 versions 1.20rc119 beta31 and earlier
D-Link DAP-3320 versions 1.05rc027 beta and earlier
D-Link DAP-3662 versions 1.05rc047 and earlier

Description

The issue allows attackers to cause a Denial of Service (DoS) by uploading a crafted firmware image whose firmware header has been modified.

Recommendations

For D-Link DAP-2310 versions 2.10rc036 and earlier, update to a version later than 2.10rc036 to resolve the issue.
For D-Link DAP-2330 versions 1.06rc020 and earlier, update to a version later than 1.06rc020 to resolve the issue.
For D-Link DAP-2360 versions 2.10rc050 and earlier, update to a version later than 2.10rc050 to resolve the issue.
For D-Link DAP-2553 versions 3.10rc031 and earlier, update to a version later than 3.10rc031 to resolve the issue.
For D-Link DAP-2660 versions 1.15rc093 and earlier, update to a version later than 1.15rc093 to resolve the issue.
For D-Link DAP-2690 versions 3.20rc106 and earlier, update to a version later than 3.20rc106 to resolve the issue.
For D-Link DAP-2695 versions 1.20rc119 beta31 and earlier, update to a version later than 1.20rc119 beta31 to resolve the issue.
For D-Link DAP-3320 versions 1.05rc027 beta and earlier, update to a version later than 1.05rc027 beta to resolve the issue.
For D-Link DAP-3662 versions 1.05rc047 and earlier, update to a version later than 1.05rc047 to resolve the issue.

As a temporary workaround, consider restricting the ability to upload firmware to minimize the risk of exploitation.

Weakness Enumeration: Insufficient Verification of Data Authenticity

Related Identifiers: CVE-2022-38873

Affected Products

D-Link Dap-2310
D-Link Dap-2330
D-Link Dap-2360
D-Link Dap-2553
D-Link Dap-2660
D-Link Dap-2690
D-Link Dap-2695
D-Link Dap-3320
D-Link Dap-3662