CVE-2022-43632

MEDIUM Year: 2022
CVSS v3 Score
6.8
Medium
Weakness Type
CWE-78
View all →

Vulnerability Description

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of SetQoSSettings requests to the web management portal. When parsing subelements within the QoSInfo element, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-16153.

Related Vulnerabilities

CVE-2017-10811

MEDIUM
CVSS:6.8(Medium)

Buffalo WCR-1166DS devices with firmware 1.30 and earlier allow an attacker to execute arbitrary OS commands via unspecified vectors.

CWE-782017

CVE-2017-10813

MEDIUM
CVSS:6.8(Medium)

CG-WLR300NM Firmware version 1.90 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors.

CWE-782017

CVE-2017-2152

MEDIUM
CVSS:6.8(Medium)

WNC01WH firmware 1.0.0.9 and earlier allows authenticated attackers to execute arbitrary OS commands via unspecified vectors.

CWE-782017

CVE-2018-0512

MEDIUM
CVSS:6.8(Medium)

Devices with IP address setting tool "MagicalFinder" provided by I-O DATA DEVICE, INC. allow authenticated attackers to execute arbitrary OS commands via unspecified vectors.

CWE-782018

CVE-2018-0677

MEDIUM
CVSS:6.8(Medium)

BN-SDWBP3 firmware version 1.0.9 and earlier allows attacker with administrator rights on the same network segment to execute arbitrary OS commands via unspecified vectors.

CWE-782018

CVE-2018-14998

MEDIUM
CVSS:6.8(Medium)

The Leagoo P1 Android device with a build fingerprint of sp7731c_1h10_32v4_bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains a hidden root privilege escalation capability to achieve c...

CWE-782018