CVE-2022-38873
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
20/12/2022
Last modified:
17/04/2025
Description
D-Link devices DAP-2310 v2.10rc036 and earlier, DAP-2330 v1.06rc020 and earlier, DAP-2360 v2.10rc050 and earlier, DAP-2553 v3.10rc031 and earlier, DAP-2660 v1.15rc093 and earlier, DAP-2690 v3.20rc106 and earlier, DAP-2695 v1.20rc119_beta31 and earlier, DAP-3320 v1.05rc027 beta and earlier, DAP-3662 v1.05rc047 and earlier allows attackers to cause a Denial of Service (DoS) via uploading a crafted firmware after modifying the firmware header.
Impact
Base Score 3.x
7.50
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:dlink:dap-2310_firmware:*:*:*:*:*:*:*:* | 2.10rc036 (including) | |
| cpe:2.3:h:dlink:dap-2310:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:dlink:dap-2330_firmware:*:*:*:*:*:*:*:* | 1.06rc020 (including) | |
| cpe:2.3:h:dlink:dap-2330:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:dlink:dap-2360_firmware:*:*:*:*:*:*:*:* | 2.10rc050 (including) | |
| cpe:2.3:h:dlink:dap-2360:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:dlink:dap-2553_firmware:*:*:*:*:*:*:*:* | 3.10rc031 (including) | |
| cpe:2.3:h:dlink:dap-2553:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:dlink:dap-2660_firmware:*:*:*:*:*:*:*:* | 1.15rc093 (including) | |
| cpe:2.3:h:dlink:dap-2660:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:dlink:dap-2690_firmware:*:*:*:*:*:*:*:* | 3.20rc106 (including) | |
| cpe:2.3:h:dlink:dap-2690:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:dlink:dap-2695_firmware:*:*:*:*:*:*:*:* | 1.20rc119 (excluding) | |
| cpe:2.3:o:dlink:dap-2695_firmware:1.20rc119:beta31:*:*:*:*:*:* | ||
| cpe:2.3:h:dlink:dap-2695:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page