Command Injection Vulnerability in D-Link DHP-W310AV Product
CVE-2022-44930

9.8CRITICAL

Key Information:

Vendor: D-Link
Status: DHP-w310av Firmware
Vendor: CVE Published:; 2 December 2022

Summary

The D-Link DHP-W310AV device is susceptible to a command injection vulnerability through its System Checks function. This security flaw could allow unauthorized users to execute arbitrary commands on the affected device, potentially compromising system integrity and enabling further malicious activity. It is crucial for users and system administrators to remain vigilant and apply necessary updates to mitigate this risk.

References

https://cyber-guy.gitbook.io/cyber-guys-blog/pocs/cve-202...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 2, 2022
Vulnerability Reserved
Nov 7, 2022