Arbitrary Code Execution Vulnerability in D-Link DIR-825 Router
CVE-2022-43642

8.8HIGH

Key Information:

Vendor: D-link
Status: Dir-825
Vendor: CVE Published:; 29 March 2023

What is CVE-2022-43642?

This vulnerability in D-Link DIR-825 routers enables network-adjacent attackers to execute arbitrary code without authentication. The flaw is located within the YouTube plugin of the xupnpd service, which operates on TCP port 4044. Specifically, it arises from insufficient validation of user-supplied strings prior to executing system calls. By exploiting this flaw, an attacker can run code within the context of the admin user, potentially leading to a complete compromise of the router.

Affected Version(s)

DIR-825 1.0.9

References

https://www.zerodayinitiative.com/advisories/ZDI-22-1701/

https://supportannouncement.us.dlink.com/announcement/pub...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 29, 2023
Vulnerability Reserved
Oct 21, 2022

Credit

Pap Gergo

D-link

What is CVE-2022-43642?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit