Cyber Resilience

CVE-2022-42161

High · Public PoC · RCE

Published: 13 October 2022

Modified: 15 May 2025
KEV Added
Patch
CVSS Score v3.1: 8.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0924 (92.9th percentile)
Risk Priority: 23 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2022-42161 is a high-severity Command Injection (CWE-77) vulnerability in D-Link COVR 1203 firmware. Its CVSS base score is 8.8 (High).

Operationally, it ranks in the top 7.1% of CVEs by exploit likelihood, it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

Deeper analysis

D-Link COVR 1200, 1202, and 1203 devices running firmware version 1.08 contain a command injection vulnerability in the SetTriggerWPS function, specifically through the /SetTriggerWPS/PIN parameter. The flaw is classified under CWE-77: special elements used in a command are not properly neutralized.

An attacker with network access and valid credentials can supply malicious input to the PIN parameter, resulting in arbitrary command execution on the device with impacts to confidentiality, integrity, and availability.

D-Link has published a security bulletin addressing the issue, available alongside technical details in public vulnerability disclosures. The EPSS score for this CVE has remained flat at 0.0924.


Vulnerability details

D-Link COVR 1200,1202,1203 v1.08 was discovered to contain a command injection vulnerability via the /SetTriggerWPS/PIN parameter at function SetTriggerWPS.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor | Product | Version
dlink | covr 1203 firmware | 1.08
dlink | covr 1202 firmware | 1.08
dlink | covr 1200 firmware | 1.08

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.
