A command injection vulnerability has been found on D-Link DIR-823G devices with firmware version 1.02B03 that allows an attacker to execute arbitrary operating system commands through well-designed /HNAP1 requests. Before the HNAP API function can process the request, the system function executes an untrusted command that triggers the vulnerability.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2022-11-22T00:00:00
Updated: 2024-08-03T14:01:31.385Z
Reserved: 2022-11-07T00:00:00
Link: CVE-2022-44808
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-11-22T15:15:13.827
Modified: 2024-11-21T07:28:29.110
Link: CVE-2022-44808
Redhat
No data.