CVE-2022-30521

moderate-risk

Published 2022-06-02

The LAN-side Web-Configuration Interface has Stack-based Buffer Overflow vulnerability in the D-Link Wi-Fi router firmware DIR-890L DIR890LA1_FW107b09.bin and previous versions. The function created at 0x17958 of /htdocs/cgibin will call sprintf without checking the length of strings in parameters given by HTTP header and can be controlled by users easily. The attackers can exploit the vulnerability to carry out arbitrary code by means of sending a specially constructed payload to port 49152.

Do I need to act?

1.8% chance of exploitation in next 30 days

EPSS score — moderate exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 9.8/10 Critical

NETWORK / LOW complexity

Affected Products (1)

Dir-890L Firmware

Affected Vendors

Dlink

References (6)

Exploit https://github.com/winmt/CVE/blob/main/DIR-890L/README.md

https://github.com/winmt/my-vuls/tree/main/DIR-890L

Vendor Advisory https://www.dlink.com/en/security-bulletin/

Exploit https://github.com/winmt/CVE/blob/main/DIR-890L/README.md

https://github.com/winmt/my-vuls/tree/main/DIR-890L

Vendor Advisory https://www.dlink.com/en/security-bulletin/

/ 100

moderate-risk

Severity 32/34 · Critical

Exploitability 5/34 · Minimal

Exposure 5/34 · Minimal