CVE-2022-46568

CVSS V2 None CVSS V3 None
Description
D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the AccountPassword parameter in the SetSysEmailSettings module.
Overview
  • CVE ID
  • CVE-2022-46568
  • Assigner
  • cve@mitre.org
  • Vulnerability Status
  • Modified
  • Published Version
  • 2022-12-23T19:15:12
  • Last Modified Date
  • 2023-03-03T21:15:10
Weakness Enumerations
CWE URL
CWE-787 http://cwe.mitre.org/data/definitions/787.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:o:dlink:dir-882_a1_firmware:1.30b06:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:dlink:dir-882_a1:-:*:*:*:*:*:*:* 0 OR
References
Reference URL Reference Tags
https://hackmd.io/@0dayResearch/B1SZP0aIo Exploit Third Party Advisory
https://hackmd.io/@0dayResearch/SetSysEmailSettings
https://www.dlink.com/en/security-bulletin/ Vendor Advisory
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2022-46568
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46568
History
Created Old Value New Value Data Type Notes
2022-12-23 20:15:45 Added to TrackCVE
2022-12-27 12:16:25 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2023-01-04 18:20:45 2023-01-04T18:19:02 CVE Modified Date updated
2023-01-04 18:20:45 Undergoing Analysis Analyzed Vulnerability Status updated
2023-01-04 18:20:46 Weakness Enumeration new
2023-01-04 18:20:49 CPE Information updated
2023-03-03 21:15:42 2023-03-03T21:15:10 CVE Modified Date updated
2023-03-03 21:15:42 Analyzed Modified Vulnerability Status updated
2023-03-03 21:15:43 D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the AccountPassword parameter in the SetSysEmailSettings module. D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the AccountPassword parameter in the SetSysEmailSettings module. Description updated
2023-03-03 21:15:45 References updated