CVE-2022-43109

Name of the Vulnerable Software and Affected Versions D-Link DIR-823G version 1.0.2

Description The issue is related to the implementation of the SetNetworkTomographySettings() function in the D-Link DIR-823G router's firmware, which is associated with insufficient input data sanitization used in commands. This can be exploited by a remote attacker to execute arbitrary commands by sending specially crafted malicious packets.

Recommendations For D-Link DIR-823G version 1.0.2, consider disabling the SetNetworkTomographySettings() function as a temporary workaround until a patch is available. Restrict access to the vulnerable function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.