CVE-2022-34528

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions D-Link DSL-3782 versions v1.03 and below

Description The issue is related to a stack overflow vulnerability in the getAttrValue function of the D-Link DSL-3782 router's firmware. Exploitation of this issue may allow an attacker to execute arbitrary code.

Recommendations For D-Link DSL-3782 versions v1.03 and below, consider disabling the getAttrValue function as a temporary workaround until a patch is available. Restrict access to the vulnerable function to minimize the risk of exploitation.

Exploit

Fix

Memory Corruption

Stack Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-121

Related Identifiers

BDU:2022-05537

CVE-2022-34528

Affected Products

D-Link Dsl-3782

CVE-2022-34528

Weakness Enumeration

Related Identifiers

Affected Products

References · 6