CVE-2022-42159

CVSS v3.1

4.3

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions D-Link COVR versions 1.08

Description The issue is related to errors in the code of the pseudo-random number generator, which may allow a remote attacker to compromise the integrity of protected information. The pseudo-random number generator has a predictable seed.

Recommendations For version 1.08, consider disabling the pseudo-random number generator function until a patch is available. Restrict access to sensitive information to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-335CWE-338

Related Identifiers

BDU:2022-06560

CVE-2022-42159

Affected Products

D-Link Covr

CVE-2022-42159

Weakness Enumeration

Related Identifiers

Affected Products

References · 8