D-Link DIR-882 1.10B02/1.20B06 buffer overflow

A vulnerability classified as critical has been found in D-Link DIR-882 1.10B02/1.20B06. This affects an unknown part. The manipulation leads to buffer overflow. The CWE definition for the vulnerability is CWE-120. The weakness was shared 11/22/2022. The advisory is shared at github.com. This vulnerability is uniquely identified as CVE-2022-44806. The attack can only be initiated within the local network. There are no technical details available. There is no exploit available. The price for an exploit might be around USD $5k-$25k at the moment. It is declared as not defined. We expect the 0-day to have been worth approximately $5k-$25k. A possible mitigation has been published before and not just after the disclosure of the vulnerability.

Field11/22/2022 07:06 PM
vendorD-Link
nameDIR-882
version1.10B02/1.20B06
cwe120 (buffer overflow)
risk2
cvss3_vuldb_acL
cvss3_vuldb_sU
cvss3_vuldb_cL
cvss3_vuldb_iL
cvss3_vuldb_aL
cvss3_vuldb_rcR
urlhttps://github.com/RobinWang825/IoT_vuln/tree/main/D-Link/DIR-882/4
cveCVE-2022-44806
cve_assigned1667775600 (11/07/2022)
cve_nvd_summaryD-Link DIR-882 1.10B02 and 1.20B06 is vulnerable to Buffer Overflow.
date1669071600 (11/22/2022)
typeRouter Operating System
cvss2_vuldb_acL
cvss2_vuldb_ciP
cvss2_vuldb_iiP
cvss2_vuldb_aiP
cvss2_vuldb_rcUR
cvss2_vuldb_avA
cvss2_vuldb_auS
cvss2_vuldb_eND
cvss2_vuldb_rlND
cvss3_vuldb_avA
cvss3_vuldb_prL
cvss3_vuldb_uiN
cvss3_vuldb_eX
cvss3_vuldb_rlX
cvss2_vuldb_basescore5.2
cvss2_vuldb_tempscore4.9
cvss3_vuldb_basescore5.5
cvss3_vuldb_tempscore5.3
cvss3_meta_basescore5.5
cvss3_meta_tempscore5.3
price_0day$5k-$25k

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!