PT-2022-27907 · D Link · D-Link Dir-878+1
Wolin Zhuang
+1
·
Published
2022-12-23
·
Updated
2023-03-03
·
CVE-2022-46561
CVSS v3.1
7.2
High
| Vector | AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
D-Link DIR-882 version DIR882A1 FW130B06
D-Link DIR-878 version DIR 878 FW1.30B08
Description
A stack overflow issue was discovered via the
Password parameter in the SetWanSettings module. This issue affects the specified D-Link router models.Recommendations
For D-Link DIR-882 version DIR882A1 FW130B06, avoid using the
Password parameter in the SetWanSettings module until a patch is available.
For D-Link DIR-878 version DIR 878 FW1.30B08, consider restricting access to the SetWanSettings module to minimize the risk of exploitation.Exploit
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
D-Link Dir-878
D-Link Dir-882