// For flags

CVE-2022-37134

 

Severity Score

9.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Buffer Overflow via /goform/form2Wan.cgi. When wantype is 3, l2tp_usrname will be decrypted by base64, and the result will be stored in v94, which does not check the size of l2tp_usrname, resulting in stack overflow.

D-link DIR-816 versión A2_v1.10CNB04.img, es vulnerable a un Desbordamiento de Búfer por medio del archivo /goform/form2Wan.cgi. Cuando wantype es 3, l2tp_usrname será descifrado por base64, y el resultado es almacenado en v94, que no comprueba el tamaño de l2tp_usrname, resultando en un desbordamiento de pila.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2022-08-01 CVE Reserved
  • 2022-08-22 CVE Published
  • 2024-08-03 CVE Updated
  • 2024-08-03 First Exploit
  • 2025-04-16 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-1284: Improper Validation of Specified Quantity in Input
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Dlink
Search vendor "Dlink"
 Dir-816 Firmware
Search vendor "Dlink" for product "Dir-816 Firmware"
 1.10cnb04
Search vendor "Dlink" for product "Dir-816 Firmware" and version "1.10cnb04"
-
Affected
in Dlink
Search vendor "Dlink"
 Dir-816
Search vendor "Dlink" for product "Dir-816"
 a2
Search vendor "Dlink" for product "Dir-816" and version "a2"
-
Safe