Cyber Resilience

CVE-2022-42156

HighPublic PoCRCE

Published: 13 October 2022

Published
13 October 2022
Modified
15 May 2025
KEV Added
Patch
CVSS Score v3.1 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0924 92.9th percentile
Risk Priority 23 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2022-42156 is a high-severity Command Injection (CWE-77) vulnerability in Dlink Covr 1203 Firmware. Its CVSS base score is 8.8 (High).

Operationally, ranked in the top 7.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

Deeper analysis

D-Link COVR 1200 and 1203 devices running firmware version 1.08 contain a command injection vulnerability in the SetNetworkTomographySettings function. The flaw is triggered through the tomography_ping_number parameter and is tracked as CWE-77. It received a CVSS 3.1 score of 8.8, reflecting network attack vector, low complexity, and high impact on confidentiality, integrity, and availability.

An authenticated remote attacker with low privileges can supply crafted input to the affected parameter and execute arbitrary commands on the device. Successful exploitation grants the attacker full control over the router, enabling actions such as data exfiltration, configuration changes, or further lateral movement within the network.

Public references point to a vendor security bulletin page on dlink.com and a detailed disclosure document hosted on GitHub that describes the discovery. No specific patch versions or mitigation steps are enumerated in the available references.

The associated EPSS score remains flat at 0.0924 with no material increase after disclosure.

EU & UK References

Vulnerability details

D-Link COVR 1200,1203 v1.08 was discovered to contain a command injection vulnerability via the tomography_ping_number parameter at function SetNetworkTomographySettings.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

dlink
covr 1203 firmware
1.08
dlink
covr 1202 firmware
1.08
dlink
covr 1200 firmware
1.08

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References