CVE-2022-37130

In D-Link DIR-816 A2_v1.10CNB04, DIR-878 DIR_878_FW1.30B08.img a command injection vulnerability occurs in /goform/Diagnosis, after the condition is met, setnum will be spliced into v10 by snprintf, and the system will be executed, resulting in a command injection vulnerability
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:dlink:dir-816_firmware:1.10cnb04:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-816:a2:*:*:*:*:*:*:*

Information

Published : 2022-08-31 16:15

Updated : 2023-03-03 13:15


NVD link : CVE-2022-37130

Mitre link : CVE-2022-37130


JSON object : View

CWE
CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

Advertisement

dedicated server usa

Products Affected

dlink

  • dir-816_firmware
  • dir-816