Command Injection Vulnerability in D-Link DIR-846 Router
CVE-2022-46642
9.9CRITICAL
What is CVE-2022-46642?
The D-Link DIR-846 router contains a command injection vulnerability in the SetAutoUpgradeInfo function, specifically through the auto_upgrade_hour parameter. This flaw could allow an attacker to execute arbitrary commands on the device, potentially leading to unauthorized access or other malicious activities. Users of the DIR-846 should apply the recommended security patches and updates to mitigate this risk.