CVE-2022-26258
CRITICAL CISA KEVCVSS v3.1: 9.8 · EPSS: 0.8122 (99.6 percentile) · CISA KEV: Yes
Source data as of:
At a glance
- Severity
- CRITICAL
- CVSS
- 9.8 v3.1 · NVD
- EPSS
- 0.8122 (99.6 percentile) · FIRST.org
- CISA KEV
- Yes KEV added: 2022-09-08
- Type
- OS Command Injection · NVD CWE
- Attack conditions (CVSS vector)
- NetworkNo privilegesNo user interaction · Source: NVD Vector
- Affected vendors
- dlink
- Published
- 2022-03-28 · Modified: 2026-07-05
- References
- Jump to references (6)
CVSS / EPSS / KEV
Source — CVSS: NVD · EPSS: FIRST.org · KEV: CISA. Data & Sources
Description
D-Link DIR-820L 1.05B03 was discovered to contain remote command execution (RCE) vulnerability via HTTP POST to get set ccp.
References
Reference URLs as listed by NVD, grouped by a mechanical match on the link's host/pattern. Labels describe the link type only.
- Reference http://dir-820l.com
- Reference https://github.com/skyedai910/Vuln/tree/master/DIR-820L/command_execution_0
- Reference https://github.com/zhizhuoshuma/cve_info_data/blob/ccaed4b94ba762eb8a8e003bfa762a7754b8182…
- Reference https://www.dlink.com/en/security-bulletin/
- Reference http://dlink.com
- CISA https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-26258