CVE-2022-44929

9.8CRITICAL

Key Information:

Vendor
D-link
Status
Dvg-g5402sp Firmware
Vendor
CVE Published:
2 December 2022

Summary

An access control issue in D-Link DVG-G5402SP GE_1.03 allows unauthenticated attackers to escalate privileges via arbitrarily editing VoIP SIB profiles.

References

https://cyber-guy.gitbook.io/cyber-guys-blog/pocs/cve-202...

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.