Command Injection Vulnerability in D-Link Router Product
CVE-2022-46641
9.9CRITICAL
What is CVE-2022-46641?
The D-Link DIR-846 router has been found to possess a command injection vulnerability through the lan(0)_dhcps_staticlist parameter within its SetIpMacBindSettings function. This flaw allows attackers to execute arbitrary commands, potentially compromising the security and functionality of the device. Users are recommended to apply the latest firmware updates and follow security best practices to mitigate risks associated with this vulnerability.