CVE-2022-43626

Summary

CVE	CVE-2022-43626
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2023-03-29 19:15:00 UTC
Updated	2023-11-08 23:01:00 UTC
Description	This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of SetIPv4FirewallSettings requests to the web management portal. When parsing subelements within the IPv4FirewallRule element, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-16146.

Risk And Classification

Problem Types: CWE-78

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	D-link	Dir-1935	-	All	All	All
Operating System	D-link	Dir-1935 Firmware	1.03	b1	All	All
Operating System	D-link	Dir-1935 Firmware	1.03	b2	All	All
Operating System	D-link	Dir-1935 Firmware	All	All	All	All
Hardware	Dlink	Dir-1935	-	All	All	All
Operating System	Dlink	Dir-1935 Firmware	1.03	b1	All	All
Operating System	Dlink	Dir-1935 Firmware	1.03	b2	All	All
Operating System	Dlink	Dir-1935 Firmware	All	All	All	All

References

Reference	Source	Link	Tags
D-Link Technical Support	MISC	supportannouncement.us.dlink.com
ZDI-22-1497 \| Zero Day Initiative	MISC	www.zerodayinitiative.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.