Vulnerability-Lookup

FKIE_CVE-2022-1262

Vulnerability from fkie_nvd - Published: 2022-04-11 20:15 - Updated: 2024-11-21 06:40

Severity

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

A command injection vulnerability in the protest binary allows an attacker with access to the remote command line interface to execute arbitrary commands as root.

References

	URL	Tags
	vulnreport@tenable.com	https://www.tenable.com/security/research/tra-2022-09	Exploit, Third Party Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.tenable.com/security/research/tra-2022-09	Exploit, Third Party Advisory

Impacted products

Vendor	Product	Version
dlink	dir-1360_firmware	1.02b03
dlink	dir-1360_firmware	1.03b02
dlink	dir-1360_firmware	1.11b04
dlink	dir-1360	a1
dlink	dir-1760_firmware	1.01b04
dlink	dir-1760_firmware	1.11b03
dlink	dir-1760	-
dlink	dir-1960_firmware	1.02b01
dlink	dir-1960_firmware	1.03b03
dlink	dir-1960_firmware	1.11b03
dlink	dir-1960	a1
dlink	dir-2640_firmware	1.11b02
dlink	dir-2640	-
dlink	dir-2660_firmware	1.04b03
dlink	dir-2660_firmware	1.11b04
dlink	dir-2660	a1
dlink	dir-3040_firmware	1.13b03
dlink	dir-3040	-
dlink	dir-3060_firmware	1.00b12
dlink	dir-3060_firmware	1.11b04
dlink	dir-3060	-
dlink	dir-867_firmware	1.20b10
dlink	dir-867	a1
dlink	dir-878_firmware	1.20b05
dlink	dir-878_firmware	1.30b08
dlink	dir-878	-
dlink	dir-882_firmware	1.20b06
dlink	dir-882	-
dlink	dir-1360_firmware	1.00b15
dlink	dir-1360_firmware	1.01b03
dlink	dir-1360_firmware	1.11b04
dlink	dir-1360	-
dlink	dir-1960_firmware	1.11b03
dlink	dir-1960	-
dlink	dir-2640_firmware	1.01b04
dlink	dir-2640_firmware	1.11b02
dlink	dir-2640	a1
dlink	dir-2660_firmware	1.00b14
dlink	dir-2660_firmware	1.01b03
dlink	dir-2660_firmware	1.02b01
dlink	dir-2660_firmware	1.03b04
dlink	dir-2660_firmware	1.11b04
dlink	dir-2660	-
dlink	dir-3040_firmware	1.11b02
dlink	dir-3040_firmware	1.12b01
dlink	dir-3040_firmware	1.13b03
dlink	dir-3040_firmware	1.20b03
dlink	dir-3040	a1
dlink	dir-3060_firmware	1.01b07
dlink	dir-3060_firmware	1.02b03
dlink	dir-3060_firmware	1.11b02
dlink	dir-3060_firmware	1.11b04
dlink	dir-3060	a1
dlink	dir-867_firmware	1.10b04
dlink	dir-867_firmware	1.30b07
dlink	dir-867	-
dlink	dir-882_firmware	1.30b06
dlink	dir-882_firmware	1.30b10
dlink	dir-882	a1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dlink:dir-1360_firmware:1.02b03:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF007E45-F1D5-4B86-8C32-4522BB78B113",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:dlink:dir-1360_firmware:1.03b02:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EE0B84B-984C-405B-AD53-89F048F48721",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:dlink:dir-1360_firmware:1.11b04:*:*:*:*:*:*:*",
              "matchCriteriaId": "E091E879-E4C2-4782-9E47-C712A7947727",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dlink:dir-1360:a1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8E7C9EC-241F-4698-9878-DC02CB1B69E2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dlink:dir-1760_firmware:1.01b04:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA7235AB-E767-4772-99F4-2CC3046564EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:dlink:dir-1760_firmware:1.11b03:beta:*:*:*:*:*:*",
              "matchCriteriaId": "D6FEFE51-389C-478A-B2D5-AAF2066649C4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dlink:dir-1760:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C961D12-61B7-440A-B7CE-C431E6903CDC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dlink:dir-1960_firmware:1.02b01:*:*:*:*:*:*:*",
              "matchCriteriaId": "94032F8E-AB47-451C-B5C2-21724ABB43DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:dlink:dir-1960_firmware:1.03b03:*:*:*:*:*:*:*",
              "matchCriteriaId": "4292CE32-F5C9-4714-AE2E-577C304EA441",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:dlink:dir-1960_firmware:1.11b03:*:*:*:*:*:*:*",
              "matchCriteriaId": "490294F3-F68E-43A4-8570-A4BDF233BEED",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dlink:dir-1960:a1:*:*:*:*:*:*:*",
              "matchCriteriaId": "144284ED-C086-49DE-8516-844A6CD2A30C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dlink:dir-2640_firmware:1.11b02:beta:*:*:*:*:*:*",
              "matchCriteriaId": "9141FC19-E6B2-4BA3-9166-A173BF772A6E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dlink:dir-2640:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D68A4D09-6C9A-4F3B-863D-DF612DB8DB89",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dlink:dir-2660_firmware:1.04b03:*:*:*:*:*:*:*",
              "matchCriteriaId": "03EB40C9-7AA1-4850-8856-A10D0A4759D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:dlink:dir-2660_firmware:1.11b04:*:*:*:*:*:*:*",
              "matchCriteriaId": "F695ADF7-0327-4983-A4E2-174C15674B37",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dlink:dir-2660:a1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D043D251-10DA-4939-BEBA-284A4A956B0D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dlink:dir-3040_firmware:1.13b03:beta:*:*:*:*:*:*",
              "matchCriteriaId": "22A3B1DF-2D8E-4709-A7FA-8EAD016DA9F6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dlink:dir-3040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4EDA686-7BB6-49CB-8370-E0E5F53914A8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dlink:dir-3060_firmware:1.00b12:*:*:*:*:*:*:*",
              "matchCriteriaId": "335C34AB-4223-4D81-B664-C0E730B0BFBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:dlink:dir-3060_firmware:1.11b04:beta:*:*:*:*:*:*",
              "matchCriteriaId": "BE1DF67D-9464-4FEA-A5F6-BD5AC47D4E2F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dlink:dir-3060:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B48DF58-000E-4846-BEB6-69E4E69375E7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dlink:dir-867_firmware:1.20b10:*:*:*:*:*:*:*",
              "matchCriteriaId": "12D2E414-7BC6-432D-897B-35FFAE944374",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dlink:dir-867:a1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9747CBE7-1ECC-403F-93FC-0BBBE0124111",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dlink:dir-878_firmware:1.20b05:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1CD2BE2-2157-4ADA-986F-2033EF15BC56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:dlink:dir-878_firmware:1.30b08:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BFB6A28-3330-449A-A738-C2AC52B04C6B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dlink:dir-878:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D288C73-F89A-47FF-AF11-143C3DFDF942",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dlink:dir-882_firmware:1.20b06:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEBD8322-35F5-40FC-B8F7-1C74AD9C6259",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dlink:dir-882:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6ECB8ED-F3A2-4C05-8570-719ECB166B09",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dlink:dir-1360_firmware:1.00b15:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD10B74D-AE8C-40EC-99E5-2298A3085840",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:dlink:dir-1360_firmware:1.01b03:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C7BF035-A533-4F38-9E4F-04A83D648B20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:dlink:dir-1360_firmware:1.11b04:beta:*:*:*:*:*:*",
              "matchCriteriaId": "37851FB0-40E6-4BA7-9A9C-E127851E4032",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dlink:dir-1360:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD91DDBE-83E8-4F3A-BB71-1EC8798DD086",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dlink:dir-1960_firmware:1.11b03:beta:*:*:*:*:*:*",
              "matchCriteriaId": "97E30469-D830-457F-B1FD-7BA3DA8B49E3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dlink:dir-1960:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67D40051-D7D8-4C76-B006-A94D501647C6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dlink:dir-2640_firmware:1.01b04:*:*:*:*:*:*:*",
              "matchCriteriaId": "114D694E-3858-4FCA-BE67-65C78256C0FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:dlink:dir-2640_firmware:1.11b02:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC690F1B-7B27-42A1-853A-EF04959FCF07",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dlink:dir-2640:a1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F950267C-AA12-4B1B-9995-66CDB0512757",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dlink:dir-2660_firmware:1.00b14:*:*:*:*:*:*:*",
              "matchCriteriaId": "50F1ACBB-BE31-4912-862D-05866A0AD7C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:dlink:dir-2660_firmware:1.01b03:*:*:*:*:*:*:*",
              "matchCriteriaId": "900238FF-5D28-4EF3-B8D2-92D9525EAF62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:dlink:dir-2660_firmware:1.02b01:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BAB44B3-A735-4BAA-89E4-11EAB2E62EBF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:dlink:dir-2660_firmware:1.03b04:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C4EF06F-6619-4523-977A-0A3780D65C08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:dlink:dir-2660_firmware:1.11b04:beta:*:*:*:*:*:*",
              "matchCriteriaId": "4B621EA3-5396-4E84-A2FA-0DB68CEE4583",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dlink:dir-2660:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "37C4E9FB-B4B0-40A8-A0B0-398050F9180D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dlink:dir-3040_firmware:1.11b02:*:*:*:*:*:*:*",
              "matchCriteriaId": "536F60AF-6A0B-419A-B2EC-E13D6D7FC398",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:dlink:dir-3040_firmware:1.12b01:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5681FB5-5F16-439F-B40E-A5FBBF15DEE5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:dlink:dir-3040_firmware:1.13b03:*:*:*:*:*:*:*",
              "matchCriteriaId": "8495556A-FE73-4D22-A3F1-367D0D143DBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:dlink:dir-3040_firmware:1.20b03:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E2AA7D0-1625-4493-8E18-3B9362466C9B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dlink:dir-3040:a1:*:*:*:*:*:*:*",
              "matchCriteriaId": "05ACD014-D3EE-4653-91F9-959FB7BD0BC9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dlink:dir-3060_firmware:1.01b07:*:*:*:*:*:*:*",
              "matchCriteriaId": "26AA9A9D-4690-47C4-AB35-36FF8CD1E887",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:dlink:dir-3060_firmware:1.02b03:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B39D8AC-04D7-40AF-A72D-5ADD5CACA57A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:dlink:dir-3060_firmware:1.11b02:*:*:*:*:*:*:*",
              "matchCriteriaId": "16BC242D-9BBA-4A67-BCBD-A61CEBC87175",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:dlink:dir-3060_firmware:1.11b04:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C423CCB-73CC-4AE7-B163-F2A0CB4D8817",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dlink:dir-3060:a1:*:*:*:*:*:*:*",
              "matchCriteriaId": "75CB7C7C-1B0E-4EC8-9FFC-363D2DF1CDBD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dlink:dir-867_firmware:1.10b04:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C531C05-7DE4-496D-B70B-8EEF56579BF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:dlink:dir-867_firmware:1.30b07:*:*:*:*:*:*:*",
              "matchCriteriaId": "06D97D1B-02AC-46A2-AABC-6336B606C131",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dlink:dir-867:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "94CB6320-D2FB-4405-8C2D-BB59798A0670",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dlink:dir-882_firmware:1.30b06:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECEECA9D-716E-4C4D-A299-F3BA3D0C790B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:dlink:dir-882_firmware:1.30b10:*:*:*:*:*:*:*",
              "matchCriteriaId": "E29C868C-B1AD-4C46-99C4-94EEE89CF02A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dlink:dir-882:a1:*:*:*:*:*:*:*",
              "matchCriteriaId": "90575122-CE47-42E5-BCE3-6444599B16B3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A command injection vulnerability in the protest binary allows an attacker with access to the remote command line interface to execute arbitrary commands as root."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de inyecci\u00f3n de comandos en el binario de protesta permite a un atacante con acceso a la interfaz de l\u00ednea de comandos remota ejecutar comandos arbitrarios como root"
    }
  ],
  "id": "CVE-2022-1262",
  "lastModified": "2024-11-21T06:40:21.910",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-04-11T20:15:18.157",
  "references": [
    {
      "source": "vulnreport@tenable.com",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.tenable.com/security/research/tra-2022-09"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.tenable.com/security/research/tra-2022-09"
    }
  ],
  "sourceIdentifier": "vulnreport@tenable.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2022-1262 (GCVE-0-2022-1262)

Vulnerability from cvelistv5 – Published: 2022-04-11 19:38 – Updated: 2024-08-02 23:55

Summary

A command injection vulnerability in the protest binary allows an attacker with access to the remote command line interface to execute arbitrary commands as root.

Severity

No CVSS data available.

CWE

Command Injection

Assigner

tenable

References

1 reference

URL	Tags
https://www.tenable.com/security/research/tra-2022-09	x_refsource_MISC

Impacted products

1 product

Vendor	Product	Version
n/a	D-Link Routers	Affected: DIR-1360 A1 firmware version 1.02B03, DIR-1360 A1 firmware version 1.03B02, DIR-1360 A1 firmware version 1.11B04, DIR-1360 firmware version 1.00B15, DIR-1360 firmware version 1.01B03, DIR-1760 firmware version 1.01B04, DIR-1960 A1 firmware version 1.02B01, DIR-1960 A1 firmware version 1.03B03, DIR-1960 A1 firmware version 1.11B03, DIR-2640 A1 firmware version 1.01B04, DIR-2640 A1 firmware version 1.11B02, DIR-2660 A1 firmware version 1.04B03, DIR-2660 A1 firmware version 1.11B04, DIR-2660 firmware version 1.00B14, DIR-2660 firmware version 1.01B03, DIR-2660 firmware version 1.02B01, DIR-2660 firmware version 1.03B04, DIR-3040 A1 firmware version 1.11B02, DIR-3040 A1 firmware version 1.12B01, DIR-3040 A1 firmware version 1.13B03, DIR-3040 A1 firmware version 1.20B03, DIR-3060 A1 firmware version 1.01B07, DIR-3060 A1 firmware version 1.02B03, DIR-3060 A1 firmware version 1.11B04, DIR-3060 firmware version 1.00B12, DIR-867 A1 firmware version 1.20B10, DIR-867 firmware version 1.10B04, DIR-867 fir ...[truncated*]

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:55:24.531Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.tenable.com/security/research/tra-2022-09"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "D-Link Routers",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "DIR-1360 A1 firmware version 1.02B03, DIR-1360 A1 firmware version 1.03B02, DIR-1360 A1 firmware version 1.11B04, DIR-1360 firmware version 1.00B15, DIR-1360 firmware version 1.01B03, DIR-1760 firmware version 1.01B04, DIR-1960 A1 firmware version 1.02B01, DIR-1960 A1 firmware version 1.03B03, DIR-1960 A1 firmware version 1.11B03, DIR-2640 A1 firmware version 1.01B04, DIR-2640 A1 firmware version 1.11B02, DIR-2660 A1 firmware version 1.04B03, DIR-2660 A1 firmware version 1.11B04, DIR-2660 firmware version 1.00B14, DIR-2660 firmware version 1.01B03, DIR-2660 firmware version 1.02B01, DIR-2660 firmware version 1.03B04, DIR-3040 A1 firmware version 1.11B02, DIR-3040 A1 firmware version 1.12B01, DIR-3040 A1 firmware version 1.13B03, DIR-3040 A1 firmware version 1.20B03, DIR-3060 A1 firmware version 1.01B07, DIR-3060 A1 firmware version 1.02B03, DIR-3060 A1 firmware version 1.11B04, DIR-3060 firmware version 1.00B12, DIR-867 A1 firmware version 1.20B10, DIR-867 firmware version 1.10B04, DIR-867 fir ...[truncated*]"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A command injection vulnerability in the protest binary allows an attacker with access to the remote command line interface to execute arbitrary commands as root."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Command Injection",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-04-11T19:38:13.000Z",
        "orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
        "shortName": "tenable"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.tenable.com/security/research/tra-2022-09"
        }
      ],
      "x_ConverterErrors": {
        "version_name": {
          "error": "version_name too long. Use array of versions to record more than one version.",
          "message": "Truncated!"
        }
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vulnreport@tenable.com",
          "ID": "CVE-2022-1262",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "D-Link Routers",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "DIR-1360 A1 firmware version 1.02B03, DIR-1360 A1 firmware version 1.03B02, DIR-1360 A1 firmware version 1.11B04, DIR-1360 firmware version 1.00B15, DIR-1360 firmware version 1.01B03, DIR-1760 firmware version 1.01B04, DIR-1960 A1 firmware version 1.02B01, DIR-1960 A1 firmware version 1.03B03, DIR-1960 A1 firmware version 1.11B03, DIR-2640 A1 firmware version 1.01B04, DIR-2640 A1 firmware version 1.11B02, DIR-2660 A1 firmware version 1.04B03, DIR-2660 A1 firmware version 1.11B04, DIR-2660 firmware version 1.00B14, DIR-2660 firmware version 1.01B03, DIR-2660 firmware version 1.02B01, DIR-2660 firmware version 1.03B04, DIR-3040 A1 firmware version 1.11B02, DIR-3040 A1 firmware version 1.12B01, DIR-3040 A1 firmware version 1.13B03, DIR-3040 A1 firmware version 1.20B03, DIR-3060 A1 firmware version 1.01B07, DIR-3060 A1 firmware version 1.02B03, DIR-3060 A1 firmware version 1.11B04, DIR-3060 firmware version 1.00B12, DIR-867 A1 firmware version 1.20B10, DIR-867 firmware version 1.10B04, DIR-867 firmware version 1.30B07, DIR-878 firmware version 1.20B05, DIR-878 firmware version 1.30B08, DIR-882 A1 firmware version 1.30B06, DIR-882 A1 firmware version 1.30B10, DIR-882 firmware version 1.20B06"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A command injection vulnerability in the protest binary allows an attacker with access to the remote command line interface to execute arbitrary commands as root."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Command Injection"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.tenable.com/security/research/tra-2022-09",
              "refsource": "MISC",
              "url": "https://www.tenable.com/security/research/tra-2022-09"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
    "assignerShortName": "tenable",
    "cveId": "CVE-2022-1262",
    "datePublished": "2022-04-11T19:38:13.000Z",
    "dateReserved": "2022-04-06T00:00:00.000Z",
    "dateUpdated": "2024-08-02T23:55:24.531Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

FKIE_CVE-2022-1262

CVE-2022-1262 (GCVE-0-2022-1262)

Tags

Sightings

Nomenclature