CVE-2022-42161
Published: 13 October 2022
Summary
CVE-2022-42161 is a high-severity command injection (CWE-77) vulnerability in D-Link COVR 1203 firmware. Its CVSS base score is 8.8 (High).
Operationally, it ranks in the top 7.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
D-Link COVR 1200, 1202, and 1203 devices running firmware version 1.08 contain a command injection vulnerability in the SetTriggerWPS function, reachable through the /SetTriggerWPS/PIN parameter. The flaw is classified under CWE-77: improper neutralization of special elements used in a command.
An attacker with network access and valid credentials can supply malicious input to the PIN parameter, resulting in arbitrary command execution on the device with impacts to confidentiality, integrity, and availability.
D-Link has published a security bulletin addressing the issue, available alongside technical details in public vulnerability disclosures. The EPSS score for this CVE has remained flat at 0.0924.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-45238
Vulnerability details
D-Link COVR 1200, 1202, 1203 v1.08 was discovered to contain a command injection vulnerability via the /SetTriggerWPS/PIN parameter at function SetTriggerWPS.
- CWE(s): CWE-77
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.