CVE-2022-42156
published 2022-10-13CVE-2022-42156: D-Link COVR 1200,1203 v1.08 was discovered to contain a command injection vulnerability via the tomography_ping_number parameter at function…
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
D-Link COVR 1200,1203 v1.08 was discovered to contain a command injection vulnerability via the tomography_ping_number parameter at function SetNetworkTomographySettings.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dlink | covr_1200_firmware | — | — |
| dlink | covr_1202_firmware | — | — |
| dlink | covr_1203_firmware | — | — |
| linux | linux_kernel | >= 0 < 5.4.0-202.222 | 5.4.0-202.222 |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
osv5.5MEDIUM