CVE-2022-42160
published 2022-10-13CVE-2022-42160: D-Link COVR 1200,1202,1203 v1.08 was discovered to contain a command injection vulnerability via the system_time_timezone parameter at function…
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
D-Link COVR 1200,1202,1203 v1.08 was discovered to contain a command injection vulnerability via the system_time_timezone parameter at function SetNTPServerSettings.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dlink | covr_1200_firmware | — | — |
| dlink | covr_1202_firmware | — | — |
| dlink | covr_1203_firmware | — | — |
| linux | linux_kernel | >= 0 < 5.4.0-196.216 | 5.4.0-196.216 |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
osv5.5MEDIUM