CVE-2022-40719

This vulnerability allows network-adjacent attackers to execute arbitrary commands on affected installations of D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the xupnpd_generic.lua plugin for the xupnpd service, which listens on TCP port 4044 by default. When parsing the feed parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-15906.

CVSS v3.0 8.8 HIGH

8.8^/10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.zerodayinitiative.com/advisories/ZDI-22-1223/	Third Party Advisory VDB Entry
https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10304	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:dlink:dir-2150_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-2150:-:*:*:*:*:*:*:*

Information

Published : 2023-01-26 10:59

Updated : 2023-02-02 07:17

NVD link : CVE-2022-40719

Mitre link : CVE-2022-40719

JSON object : View

CWE

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Products Affected

dlink

dir-2150_firmware
dir-2150

8.8 /10