CVE-2022-29332

D-LINK DIR-825 AC1200 R2 is vulnerable to Directory Traversal. An attacker could use the "../../../../" setting of the FTP server folder to set the router's root folder for FTP access. This allows you to access the entire router file system via the FTP server.

CVSS v3 6.5 MEDIUM
CVSS v2.0 4.0 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

4.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:P/I:N/A:N

Exploitability : 8.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://github.com/Quadron-Research-Lab/Hardware-IoT/blob/main/d-link_dir-825_R2.pdf	Exploit Third Party Advisory
https://github.com/Quadron-Research-Lab/Hardware-IoT/blob/main/d-link_dir-825_R2.pdf	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:dlink:dir-825_firmware:2022.01.13-13.48:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-825:r2:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-05-17 14:15

Updated : 2024-11-21 06:58

NVD link : CVE-2022-29332

Mitre link : CVE-2022-29332

CVE.ORG link : CVE-2022-29332

JSON object : View

Products Affected

dlink

dir-825_firmware
dir-825

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

{"id": "CVE-2022-29332", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2022-05-17T14:15:08.010", "references": [{"url": "https://github.com/Quadron-Research-Lab/Hardware-IoT/blob/main/d-link_dir-825_R2.pdf", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/Quadron-Research-Lab/Hardware-IoT/blob/main/d-link_dir-825_R2.pdf", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "D-LINK DIR-825 AC1200 R2 is vulnerable to Directory Traversal. An attacker could use the \"../../../../\" setting of the FTP server folder to set the router's root folder for FTP access. This allows you to access the entire router file system via the FTP server."}, {"lang": "es", "value": "D-LINK DIR-825 AC1200 R2 es vulnerable a un Salto de Directorio. Un atacante podr\u00eda usar la configuraci\u00f3n \"../../../../\" de la carpeta del servidor FTP para establecer la carpeta root del router para el acceso FTP. Esto le permite acceder a todo el sistema de archivos del router por medio del servidor FTP"}], "lastModified": "2024-11-21T06:58:55.960", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dir-825_firmware:2022.01.13-13.48:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F5D8B76-5CFC-4FFB-AB8F-24C881842A0F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dir-825:r2:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3006903F-D7BB-4282-A144-30B0E9E61425"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}