Buffer Overflow Vulnerability in D-Link DIR-882 Router
CVE-2022-44804

9.8CRITICAL

Key Information:

Vendor: D-Link
Status: Dir-882 Firmware
Vendor: CVE Published:; 22 November 2022

What is CVE-2022-44804?

The D-Link DIR-882 routers, specifically versions 1.10B02 and 1.20B06, are susceptible to a buffer overflow vulnerability through the websRedirect function. This flaw could be exploited by an attacker to execute arbitrary code, potentially compromising the security of the device. Users should take immediate action to secure their routers by applying relevant firmware updates and reviewing their device configurations. For additional details, refer to the D-Link security bulletin and related analyses.

References

https://www.dlink.com/en/security-bulletin/

https://github.com/RobinWang825/IoT_vuln/tree/main/D-Link...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 22, 2022
Vulnerability Reserved
Nov 7, 2022