CVE-2022-26258
CVE-2022-26258
Vexday Risk Score
80High priority
SSVC decision (CISA)
Act
Exploitation + impact → act immediately
CVSS 9.8EPSS 81.2%KEV simPoC —Nuclei —Metasploit —Patch —
Lifecycle
27 Mar 2022Published on NVD
08 Sep 2022Active exploitation (CISA KEV)
Recommendation: Patch as soon as possible — active exploitation confirmed.
In short
A vulnerability in D-Link DIR-820L router version 1.05B03 allows attackers to execute arbitrary commands remotely through an unprotected HTTP POST request, potentially giving them full control of the device.
Technical detail
Remote command injection vulnerability in D-Link DIR-820L 1.05B03 accessible via HTTP POST to the 'get_set_ccp' endpoint without proper input validation or authentication. An attacker can inject OS commands that execute with device privileges, leading to complete system compromise.
Summary generated and translated by AI from the official description.
D-Link DIR-820L 1.05B03 was discovered to contain remote command execution (RCE) vulnerability via HTTP POST to get set ccp.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://dir-820l.comhttp://dlink.comhttps://github.com/skyedai910/Vuln/tree/master/DIR-820L/command_execution_0https://github.com/zhizhuoshuma/cve_info_data/blob/ccaed4b94ba762eb8a8e003bfa762a7754b8182e/Vuln/Vuln/DIR-820L/command_execution_0/README.mdhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-26258https://www.dlink.com/en/security-bulletin/