CVE-2022-35192

EPSS 0.76%
Published 26.08.2022 00:15:09
Last modified 21.11.2024 07:10:52
Source cve@mitre.org
Teams watchlist Login
Open Login

D-Link Wireless AC1200 Dual Band VDSL ADSL Modem Router DSL-3782 Firmware v1.01 allows unauthenticated attackers to cause a Denial of Service (DoS) via the User parameter or Pwd parameter to Login.asp.

Affected products Warnungen 0 Metrics 2 CWE 1 References 7

Data is provided by the National Vulnerability Database (NVD)

Dlink ≫ Dsl-3782 Firmware Version1.01

Dlink ≫ Dsl-3782 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.76%	0.723

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

https://www.dlink.com/en/security-bulletin/

Vendor Advisory

http://d-link.com

Product

http://wireless.com

Product

https://pastebin.com/upHp001e

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-35192

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-35192

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-35192

EUVD