Data Integrity Flaw in D-Link DNR-322L Device
CVE-2022-40799
8.8HIGH
Key Information:
- Vendor
D-Link
- Status
- Vendor
- CVE Published:
- 29 November 2022
Badges
👾 Exploit Exists🟡 Public PoC
What is CVE-2022-40799?
The D-Link DNR-322L device version 2.60B15 and earlier is affected by a data integrity failure in the 'Backup Config' feature. This vulnerability allows authenticated attackers to execute operating system-level commands on the device, potentially compromising its integrity and security. Effective measures should be implemented to mitigate these risks and safeguard the device from unauthorized access.
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.