CVE-2022-43622

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of Login requests to the web management portal. When parsing the HNAP_AUTH header, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-16139.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:dlink:dir-1935_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-1935_firmware:1.03:b1:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-1935_firmware:1.03:b2:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-1935:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:26

Type Values Removed Values Added
References () https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10310 - Patch, Vendor Advisory () https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10310 - Patch, Vendor Advisory
References () https://www.zerodayinitiative.com/advisories/ZDI-22-1491/ - Third Party Advisory, VDB Entry () https://www.zerodayinitiative.com/advisories/ZDI-22-1491/ - Third Party Advisory, VDB Entry

08 Nov 2023, 22:59

Type Values Removed Values Added
CPE cpe:2.3:o:d-link:dir-1935_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dlink:dir-1935_firmware:*:*:*:*:*:*:*:*

08 Nov 2023, 13:30

Type Values Removed Values Added
First Time Dlink
Dlink dir-1935 Firmware
Dlink dir-1935
CPE cpe:2.3:h:d-link:dir-1935:-:*:*:*:*:*:*:*
cpe:2.3:o:d-link:dir-1935_firmware:1.03:b1:*:*:*:*:*:*
cpe:2.3:o:d-link:dir-1935_firmware:1.03:b2:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-1935_firmware:1.03:b1:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-1935_firmware:1.03:b2:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-1935:-:*:*:*:*:*:*:*

Information

Published : 2023-03-29 19:15

Updated : 2024-11-21 07:26


NVD link : CVE-2022-43622

Mitre link : CVE-2022-43622

CVE.ORG link : CVE-2022-43622


JSON object : View

Products Affected

dlink

  • dir-1935
  • dir-1935_firmware
CWE
CWE-121

Stack-based Buffer Overflow