CVE-2022-29778

Published June 3rd, 2022

View on NVD ↗

CVSS v3

8.8

HIGH

CVSS v2

6.5

MEDIUM

Affected

PROJECT

Description

D-Link DIR-890L 1.20b01 allows attackers to execute arbitrary code due to the hardcoded option Wake-On-Lan for the parameter 'descriptor' at SetVirtualServerSettings.php

TyeYeah/DIR-890L-1.20-RCE

Analysis and PoC for D-Link DIR-890L RCE (CVE-2022-29778)

GitHub