CVE-2022-34527

Name of the Vulnerable Software and Affected Versions D-Link DSL-3782 versions 1.03 and below

Description The issue is related to a command injection vulnerability via the byte 4C0160 function. It is associated with insufficient argument validation for certain CLI commands, which can be exploited to elevate privileges and execute arbitrary commands.

Recommendations For D-Link DSL-3782 versions 1.03 and below, consider disabling the byte 4C0160 function as a temporary workaround until a patch is available. Restrict access to CLI commands to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.