CVE-2022-43626

Name of the Vulnerable Software and Affected Versions D-Link DIR-1935 version 1.03

Description The issue is related to the SetIPv4FirewallSettings() function in the web management interface of D-Link DIR-1935 routers, which fails to properly clean input data in a user-supplied string when handling the IPv4FirewallRule element. This can be exploited by a remote attacker to execute arbitrary code, even though authentication is required, as the existing authentication mechanism can be bypassed. The vulnerability allows an attacker to execute code in the context of root by leveraging the improper validation of user-supplied input.

Recommendations For D-Link DIR-1935 version 1.03, as a temporary workaround, consider disabling the SetIPv4FirewallSettings() function until a patch is available. Restrict access to the web management portal to minimize the risk of exploitation. Avoid using the IPv4FirewallRule element in the SetIPv4FirewallSettings requests until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.