CVE

CVE-2022-36786

admin

CVE-2022-36786

DLINK – DSL-224 Post-auth PCE. DLINK router has an interface where you can configure NTP servers (Network Time Protocol) via jsonrpc API. It is possible to inject a command through this interface that will run with ROOT permissions on the router.

Source: CVE-2022-36786

Exit mobile version