D-Link devices DAP-2310 v2.10rc036 and earlier, DAP-2330 v1.06rc020 and earlier, DAP-2360 v2.10rc050 and earlier, DAP-2553 v3.10rc031 and earlier, DAP-2660 v1.15rc093 and earlier, DAP-2690 v3.20rc106 and earlier, DAP-2695 v1.20rc119_beta31 and earlier, DAP-3320 v1.05rc027 beta and earlier, DAP-3662 v1.05rc047 and earlier allows attackers to cause a Denial of Service (DoS) via uploading a crafted firmware after modifying the firmware header.
References
| Link | Resource |
|---|---|
| https://github.com/Yuhao-W/BUG--D-Link--Firmware-Update-Vulnerabilities/blob/main/README.md | Exploit Third Party Advisory |
| https://www.dlink.com/en/security-bulletin/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
Configuration 5 (hide)
| AND |
|
Configuration 6 (hide)
| AND |
|
Configuration 7 (hide)
| AND |
|
Configuration 8 (hide)
| AND |
|
Configuration 9 (hide)
| AND |
|
History
29 Dec 2022, 17:31
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
| CWE | NVD-CWE-noinfo | |
| First Time |
Dlink dap-2695 Firmware
Dlink dap-2553 Firmware Dlink dap-2360 Dlink dap-2310 Dlink dap-2330 Firmware Dlink dap-3662 Dlink dap-2660 Dlink dap-2690 Dlink dap-2330 Dlink dap-3662 Firmware Dlink dap-2660 Firmware Dlink dap-2360 Firmware Dlink dap-3320 Firmware Dlink dap-2690 Firmware Dlink Dlink dap-2553 Dlink dap-2310 Firmware Dlink dap-3320 Dlink dap-2695 |
|
| References | (MISC) https://www.dlink.com/en/security-bulletin/ - Vendor Advisory | |
| References | (MISC) https://github.com/Yuhao-W/BUG--D-Link--Firmware-Update-Vulnerabilities/blob/main/README.md - Exploit, Third Party Advisory | |
| CPE | cpe:2.3:h:dlink:dap-2695:-:*:*:*:*:*:*:* cpe:2.3:o:dlink:dap-3320_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dlink:dap-2360:-:*:*:*:*:*:*:* cpe:2.3:o:dlink:dap-2310_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dlink:dap-2553:-:*:*:*:*:*:*:* cpe:2.3:h:dlink:dap-3662:-:*:*:*:*:*:*:* cpe:2.3:o:dlink:dap-2695_firmware:1.20rc119:beta31:*:*:*:*:*:* cpe:2.3:o:dlink:dap-3662_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dlink:dap-2553_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dlink:dap-2360_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dlink:dap-2330_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dlink:dap-2660_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dlink:dap-2695_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dlink:dap-2310:-:*:*:*:*:*:*:* cpe:2.3:h:dlink:dap-2330:-:*:*:*:*:*:*:* cpe:2.3:o:dlink:dap-2690_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dlink:dap-2690:-:*:*:*:*:*:*:* cpe:2.3:h:dlink:dap-3320:-:*:*:*:*:*:*:* cpe:2.3:h:dlink:dap-2660:-:*:*:*:*:*:*:* cpe:2.3:o:dlink:dap-3320_firmware:1.05rc027:beta:*:*:*:*:*:* |
20 Dec 2022, 20:38
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2022-12-20 20:15
Updated : 2023-12-10 14:48
NVD link : CVE-2022-38873
Mitre link : CVE-2022-38873
CVE.ORG link : CVE-2022-38873
JSON object : View
Products Affected
dlink
- dap-2690
- dap-2330_firmware
- dap-2310_firmware
- dap-3320
- dap-3320_firmware
- dap-2660
- dap-2553_firmware
- dap-2360
- dap-2695_firmware
- dap-2360_firmware
- dap-2330
- dap-2660_firmware
- dap-2310
- dap-2553
- dap-3662_firmware
- dap-2690_firmware
- dap-3662
- dap-2695
CWE