HomePentest-Tools.com Logo

D-Link DIR-820L Devices RCE Vulnerability (Mar 2022) CVE-2022-26258

Severity
CVSSv3 Score
9.8
Vulnerability description

D-Link DIR-820L devices are prone to a remote command execution (RCE) vulnerability.

Risk description

D-Link DIR-820L was discovered to contain a remote command execution vulnerability via the Device Name parameter in /lan.asp.

Recommendation

No solution was made available by the vendor. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. Note: Vendor states that DIR-820L reached its End-of-Support Date in 01.11.2017, it is no longer supported, and firmware development has ceased. See vendor advisory for further recommendations.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Mar 28, 2022
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available