⚠ Actively exploited
Added to CISA KEV on 2022-09-08. Federal agencies required to patch by 2022-09-29. Required action: The impacted product is end-of-life and should be disconnected if still in use..

CVE-2022-26258

CWE-78OS Command Injection7 documents6 sources
Severity
9.8CRITICAL
EPSS
87.6%
top 0.53%
CISA KEV
KEV
Added 2022-09-08
Due 2022-09-29
Exploit
Exploited in wild
Active exploitation observed
Affected products
1
Dlink Dir-820l Firmware
Timeline
PublishedMar 28
KEV addedSep 8
KEV dueSep 29
CISA Required Action: The impacted product is end-of-life and should be disconnected if still in use.

Description

D-Link DIR-820L 1.05B03 was discovered to contain remote command execution (RCE) vulnerability via HTTP POST to get set ccp.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

🔴Vulnerability Details

3
GHSA
GHSA-qf97-3r3x-x56v: D-Link DIR-820L 12022-03-29
CVEList
CVE-2022-26258: D-Link DIR-820L 12022-03-27
VulnCheck
D-Link DIR-820L Remote Code Execution Vulnerability2022

📋Vendor Advisories

1
CISA
D-Link DIR-820L Remote Code Execution Vulnerability2022-09-08

🕵️Threat Intelligence

2
Unit42
Mirai Variant MooBot Targeting D-Link Devices2022-09-06
Unit42
Mirai Variant MooBot Targeting D-Link Devices2022-09-06
CVE-2022-26258 (CRITICAL CVSS 9.8) | D-Link DIR-820L 1.05B03 was discove | cvebase.io