Directory Traversal Vulnerability in D-Link DIR-825 AC1200 R2 Router
CVE-2022-29332

6.5MEDIUM

Key Information:

Vendor: D-Link
Status: Dir-825 Firmware
Vendor: CVE Published:; 17 May 2022

What is CVE-2022-29332?

The D-Link DIR-825 AC1200 R2 Router is exposed to a Directory Traversal vulnerability. This weakness allows attackers to manipulate the FTP server settings to navigate outside the intended directories, potentially leading to unauthorized access to the router's entire file system. By exploiting this flaw, an attacker can gain access to sensitive configurations and files, undermining the security integrity of the device.

References

https://github.com/Quadron-Research-Lab/Hardware-IoT/blob...

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 17, 2022
Vulnerability Reserved
Apr 16, 2022