{"containers": {"cna": {"affected": [{"product": "D-Link Routers", "vendor": "n/a", "versions": [{"status": "affected", "version": "DIR-1360 A1 firmware version 1.02B03, DIR-1360 A1 firmware version 1.03B02, DIR-1360 A1 firmware version 1.11B04, DIR-1360 firmware version 1.00B15, DIR-1360 firmware version 1.01B03, DIR-1760 firmware version 1.01B04, DIR-1960 A1 firmware version 1.02B01, DIR-1960 A1 firmware version 1.03B03, DIR-1960 A1 firmware version 1.11B03, DIR-2640 A1 firmware version 1.01B04, DIR-2640 A1 firmware version 1.11B02, DIR-2660 A1 firmware version 1.04B03, DIR-2660 A1 firmware version 1.11B04, DIR-2660 firmware version 1.00B14, DIR-2660 firmware version 1.01B03, DIR-2660 firmware version 1.02B01, DIR-2660 firmware version 1.03B04, DIR-3040 A1 firmware version 1.11B02, DIR-3040 A1 firmware version 1.12B01, DIR-3040 A1 firmware version 1.13B03, DIR-3040 A1 firmware version 1.20B03, DIR-3060 A1 firmware version 1.01B07, DIR-3060 A1 firmware version 1.02B03, DIR-3060 A1 firmware version 1.11B04, DIR-3060 firmware version 1.00B12, DIR-867 A1 firmware version 1.20B10, DIR-867 firmware version 1.10B04, DIR-867 fir ...[truncated*]"}]}], "descriptions": [{"lang": "en", "value": "A command injection vulnerability in the protest binary allows an attacker with access to the remote command line interface to execute arbitrary commands as root."}], "problemTypes": [{"descriptions": [{"description": "Command Injection", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-04-11T19:38:13", "orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "shortName": "tenable"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.tenable.com/security/research/tra-2022-09"}], "x_ConverterErrors": {"version_name": {"error": "version_name too long. Use array of versions to record more than one version.", "message": "Truncated!"}}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "vulnreport@tenable.com", "ID": "CVE-2022-1262", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "D-Link Routers", "version": {"version_data": [{"version_value": "DIR-1360 A1 firmware version 1.02B03, DIR-1360 A1 firmware version 1.03B02, DIR-1360 A1 firmware version 1.11B04, DIR-1360 firmware version 1.00B15, DIR-1360 firmware version 1.01B03, DIR-1760 firmware version 1.01B04, DIR-1960 A1 firmware version 1.02B01, DIR-1960 A1 firmware version 1.03B03, DIR-1960 A1 firmware version 1.11B03, DIR-2640 A1 firmware version 1.01B04, DIR-2640 A1 firmware version 1.11B02, DIR-2660 A1 firmware version 1.04B03, DIR-2660 A1 firmware version 1.11B04, DIR-2660 firmware version 1.00B14, DIR-2660 firmware version 1.01B03, DIR-2660 firmware version 1.02B01, DIR-2660 firmware version 1.03B04, DIR-3040 A1 firmware version 1.11B02, DIR-3040 A1 firmware version 1.12B01, DIR-3040 A1 firmware version 1.13B03, DIR-3040 A1 firmware version 1.20B03, DIR-3060 A1 firmware version 1.01B07, DIR-3060 A1 firmware version 1.02B03, DIR-3060 A1 firmware version 1.11B04, DIR-3060 firmware version 1.00B12, DIR-867 A1 firmware version 1.20B10, DIR-867 firmware version 1.10B04, DIR-867 firmware version 1.30B07, DIR-878 firmware version 1.20B05, DIR-878 firmware version 1.30B08, DIR-882 A1 firmware version 1.30B06, DIR-882 A1 firmware version 1.30B10, DIR-882 firmware version 1.20B06"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A command injection vulnerability in the protest binary allows an attacker with access to the remote command line interface to execute arbitrary commands as root."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Command Injection"}]}]}, "references": {"reference_data": [{"name": "https://www.tenable.com/security/research/tra-2022-09", "refsource": "MISC", "url": "https://www.tenable.com/security/research/tra-2022-09"}]}}}}, "cveMetadata": {"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "assignerShortName": "tenable", "cveId": "CVE-2022-1262", "datePublished": "2022-04-11T19:38:13", "dateReserved": "2022-04-06T00:00:00", "dateUpdated": "2022-04-11T19:38:13", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dir-1360_firmware:1.02b03:*:*:*:*:*:*:*", "matchCriteriaId": "CF007E45-F1D5-4B86-8C32-4522BB78B113", "vulnerable": true}, {"criteria": "cpe:2.3:o:dlink:dir-1360_firmware:1.03b02:*:*:*:*:*:*:*", "matchCriteriaId": "9EE0B84B-984C-405B-AD53-89F048F48721", "vulnerable": true}, {"criteria": "cpe:2.3:o:dlink:dir-1360_firmware:1.11b04:*:*:*:*:*:*:*", "matchCriteriaId": "E091E879-E4C2-4782-9E47-C712A7947727", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dir-1360:a1:*:*:*:*:*:*:*", "matchCriteriaId": "C8E7C9EC-241F-4698-9878-DC02CB1B69E2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dir-1760_firmware:1.01b04:*:*:*:*:*:*:*", "matchCriteriaId": "CA7235AB-E767-4772-99F4-2CC3046564EC", "vulnerable": true}, {"criteria": "cpe:2.3:o:dlink:dir-1760_firmware:1.11b03:beta:*:*:*:*:*:*", "matchCriteriaId": "D6FEFE51-389C-478A-B2D5-AAF2066649C4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dir-1760:-:*:*:*:*:*:*:*", "matchCriteriaId": "5C961D12-61B7-440A-B7CE-C431E6903CDC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dir-1960_firmware:1.02b01:*:*:*:*:*:*:*", "matchCriteriaId": "94032F8E-AB47-451C-B5C2-21724ABB43DE", "vulnerable": true}, {"criteria": "cpe:2.3:o:dlink:dir-1960_firmware:1.03b03:*:*:*:*:*:*:*", "matchCriteriaId": "4292CE32-F5C9-4714-AE2E-577C304EA441", "vulnerable": true}, {"criteria": "cpe:2.3:o:dlink:dir-1960_firmware:1.11b03:*:*:*:*:*:*:*", "matchCriteriaId": "490294F3-F68E-43A4-8570-A4BDF233BEED", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dir-1960:a1:*:*:*:*:*:*:*", "matchCriteriaId": "144284ED-C086-49DE-8516-844A6CD2A30C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dir-2640_firmware:1.11b02:beta:*:*:*:*:*:*", "matchCriteriaId": "9141FC19-E6B2-4BA3-9166-A173BF772A6E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dir-2640:-:*:*:*:*:*:*:*", "matchCriteriaId": "D68A4D09-6C9A-4F3B-863D-DF612DB8DB89", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dir-2660_firmware:1.04b03:*:*:*:*:*:*:*", "matchCriteriaId": "03EB40C9-7AA1-4850-8856-A10D0A4759D2", "vulnerable": true}, {"criteria": "cpe:2.3:o:dlink:dir-2660_firmware:1.11b04:*:*:*:*:*:*:*", "matchCriteriaId": "F695ADF7-0327-4983-A4E2-174C15674B37", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dir-2660:a1:*:*:*:*:*:*:*", "matchCriteriaId": "D043D251-10DA-4939-BEBA-284A4A956B0D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dir-3040_firmware:1.13b03:beta:*:*:*:*:*:*", "matchCriteriaId": "22A3B1DF-2D8E-4709-A7FA-8EAD016DA9F6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dir-3040:-:*:*:*:*:*:*:*", "matchCriteriaId": "A4EDA686-7BB6-49CB-8370-E0E5F53914A8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dir-3060_firmware:1.00b12:*:*:*:*:*:*:*", "matchCriteriaId": "335C34AB-4223-4D81-B664-C0E730B0BFBA", "vulnerable": true}, {"criteria": "cpe:2.3:o:dlink:dir-3060_firmware:1.11b04:beta:*:*:*:*:*:*", "matchCriteriaId": "BE1DF67D-9464-4FEA-A5F6-BD5AC47D4E2F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dir-3060:-:*:*:*:*:*:*:*", "matchCriteriaId": "1B48DF58-000E-4846-BEB6-69E4E69375E7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dir-867_firmware:1.20b10:*:*:*:*:*:*:*", "matchCriteriaId": "12D2E414-7BC6-432D-897B-35FFAE944374", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dir-867:a1:*:*:*:*:*:*:*", "matchCriteriaId": "9747CBE7-1ECC-403F-93FC-0BBBE0124111", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dir-878_firmware:1.20b05:*:*:*:*:*:*:*", "matchCriteriaId": "D1CD2BE2-2157-4ADA-986F-2033EF15BC56", "vulnerable": true}, {"criteria": "cpe:2.3:o:dlink:dir-878_firmware:1.30b08:*:*:*:*:*:*:*", "matchCriteriaId": "7BFB6A28-3330-449A-A738-C2AC52B04C6B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dir-878:-:*:*:*:*:*:*:*", "matchCriteriaId": "9D288C73-F89A-47FF-AF11-143C3DFDF942", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dir-882_firmware:1.20b06:*:*:*:*:*:*:*", "matchCriteriaId": "DEBD8322-35F5-40FC-B8F7-1C74AD9C6259", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dir-882:-:*:*:*:*:*:*:*", "matchCriteriaId": "F6ECB8ED-F3A2-4C05-8570-719ECB166B09", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dir-1360_firmware:1.00b15:*:*:*:*:*:*:*", "matchCriteriaId": "CD10B74D-AE8C-40EC-99E5-2298A3085840", "vulnerable": true}, {"criteria": "cpe:2.3:o:dlink:dir-1360_firmware:1.01b03:*:*:*:*:*:*:*", "matchCriteriaId": "7C7BF035-A533-4F38-9E4F-04A83D648B20", "vulnerable": true}, {"criteria": "cpe:2.3:o:dlink:dir-1360_firmware:1.11b04:beta:*:*:*:*:*:*", "matchCriteriaId": "37851FB0-40E6-4BA7-9A9C-E127851E4032", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dir-1360:-:*:*:*:*:*:*:*", "matchCriteriaId": "CD91DDBE-83E8-4F3A-BB71-1EC8798DD086", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dir-1960_firmware:1.11b03:beta:*:*:*:*:*:*", "matchCriteriaId": "97E30469-D830-457F-B1FD-7BA3DA8B49E3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dir-1960:-:*:*:*:*:*:*:*", "matchCriteriaId": "67D40051-D7D8-4C76-B006-A94D501647C6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dir-2640_firmware:1.01b04:*:*:*:*:*:*:*", "matchCriteriaId": "114D694E-3858-4FCA-BE67-65C78256C0FF", "vulnerable": true}, {"criteria": "cpe:2.3:o:dlink:dir-2640_firmware:1.11b02:*:*:*:*:*:*:*", "matchCriteriaId": "AC690F1B-7B27-42A1-853A-EF04959FCF07", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dir-2640:a1:*:*:*:*:*:*:*", "matchCriteriaId": "F950267C-AA12-4B1B-9995-66CDB0512757", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dir-2660_firmware:1.00b14:*:*:*:*:*:*:*", "matchCriteriaId": "50F1ACBB-BE31-4912-862D-05866A0AD7C5", "vulnerable": true}, {"criteria": "cpe:2.3:o:dlink:dir-2660_firmware:1.01b03:*:*:*:*:*:*:*", "matchCriteriaId": "900238FF-5D28-4EF3-B8D2-92D9525EAF62", "vulnerable": true}, {"criteria": "cpe:2.3:o:dlink:dir-2660_firmware:1.02b01:*:*:*:*:*:*:*", "matchCriteriaId": "2BAB44B3-A735-4BAA-89E4-11EAB2E62EBF", "vulnerable": true}, {"criteria": "cpe:2.3:o:dlink:dir-2660_firmware:1.03b04:*:*:*:*:*:*:*", "matchCriteriaId": "2C4EF06F-6619-4523-977A-0A3780D65C08", "vulnerable": true}, {"criteria": "cpe:2.3:o:dlink:dir-2660_firmware:1.11b04:beta:*:*:*:*:*:*", "matchCriteriaId": "4B621EA3-5396-4E84-A2FA-0DB68CEE4583", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dir-2660:-:*:*:*:*:*:*:*", "matchCriteriaId": "37C4E9FB-B4B0-40A8-A0B0-398050F9180D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dir-3040_firmware:1.11b02:*:*:*:*:*:*:*", "matchCriteriaId": "536F60AF-6A0B-419A-B2EC-E13D6D7FC398", "vulnerable": true}, {"criteria": "cpe:2.3:o:dlink:dir-3040_firmware:1.12b01:*:*:*:*:*:*:*", "matchCriteriaId": "F5681FB5-5F16-439F-B40E-A5FBBF15DEE5", "vulnerable": true}, {"criteria": "cpe:2.3:o:dlink:dir-3040_firmware:1.13b03:*:*:*:*:*:*:*", "matchCriteriaId": "8495556A-FE73-4D22-A3F1-367D0D143DBD", "vulnerable": true}, {"criteria": "cpe:2.3:o:dlink:dir-3040_firmware:1.20b03:*:*:*:*:*:*:*", "matchCriteriaId": "8E2AA7D0-1625-4493-8E18-3B9362466C9B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dir-3040:a1:*:*:*:*:*:*:*", "matchCriteriaId": "05ACD014-D3EE-4653-91F9-959FB7BD0BC9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dir-3060_firmware:1.01b07:*:*:*:*:*:*:*", "matchCriteriaId": "26AA9A9D-4690-47C4-AB35-36FF8CD1E887", "vulnerable": true}, {"criteria": "cpe:2.3:o:dlink:dir-3060_firmware:1.02b03:*:*:*:*:*:*:*", "matchCriteriaId": "3B39D8AC-04D7-40AF-A72D-5ADD5CACA57A", "vulnerable": true}, {"criteria": "cpe:2.3:o:dlink:dir-3060_firmware:1.11b02:*:*:*:*:*:*:*", "matchCriteriaId": "16BC242D-9BBA-4A67-BCBD-A61CEBC87175", "vulnerable": true}, {"criteria": "cpe:2.3:o:dlink:dir-3060_firmware:1.11b04:*:*:*:*:*:*:*", "matchCriteriaId": "8C423CCB-73CC-4AE7-B163-F2A0CB4D8817", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dir-3060:a1:*:*:*:*:*:*:*", "matchCriteriaId": "75CB7C7C-1B0E-4EC8-9FFC-363D2DF1CDBD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dir-867_firmware:1.10b04:*:*:*:*:*:*:*", "matchCriteriaId": "2C531C05-7DE4-496D-B70B-8EEF56579BF9", "vulnerable": true}, {"criteria": "cpe:2.3:o:dlink:dir-867_firmware:1.30b07:*:*:*:*:*:*:*", "matchCriteriaId": "06D97D1B-02AC-46A2-AABC-6336B606C131", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dir-867:-:*:*:*:*:*:*:*", "matchCriteriaId": "94CB6320-D2FB-4405-8C2D-BB59798A0670", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dir-882_firmware:1.30b06:*:*:*:*:*:*:*", "matchCriteriaId": "ECEECA9D-716E-4C4D-A299-F3BA3D0C790B", "vulnerable": true}, {"criteria": "cpe:2.3:o:dlink:dir-882_firmware:1.30b10:*:*:*:*:*:*:*", "matchCriteriaId": "E29C868C-B1AD-4C46-99C4-94EEE89CF02A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dir-882:a1:*:*:*:*:*:*:*", "matchCriteriaId": "90575122-CE47-42E5-BCE3-6444599B16B3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A command injection vulnerability in the protest binary allows an attacker with access to the remote command line interface to execute arbitrary commands as root."}, {"lang": "es", "value": "Una vulnerabilidad de inyecci\u00f3n de comandos en el binario de protesta permite a un atacante con acceso a la interfaz de l\u00ednea de comandos remota ejecutar comandos arbitrarios como root"}], "id": "CVE-2022-1262", "lastModified": "2022-04-18T14:31:27.277", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-04-11T20:15:18.157", "references": [{"source": "vulnreport@tenable.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://www.tenable.com/security/research/tra-2022-09"}], "sourceIdentifier": "vulnreport@tenable.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}