
CVE-2022-42160: n/a in n/a

High
Tags: Vulnerability, CVE-2022-42160, cve, cve-2022-42160
Published: Thu Oct 13 2022 (10/13/2022, 00:00:00 UTC)
Source: CVE
Vendor/Project: n/a
Product: n/a

Description

D-Link COVR 1200,1202,1203 v1.08 was discovered to contain a command injection vulnerability via the system_time_timezone parameter at function SetNTPServerSettings.

AI-Powered Analysis

Last updated: 07/06/2025, 07:57:16 UTC

Technical Analysis

CVE-2022-42160 is a high-severity command injection vulnerability in D-Link COVR 1200, 1202, and 1203 devices running firmware version 1.08. The vulnerability exists in the function SetNTPServerSettings and is reached via the system_time_timezone parameter. Command injection occurs when untrusted input is passed to a system shell or command interpreter without proper sanitization, allowing an attacker to execute arbitrary commands on the underlying operating system. In this case, the system_time_timezone parameter is not properly sanitized, enabling an attacker with at least low-level privileges (PR:L) to inject malicious commands. The vulnerability is categorized under CWE-77 (Improper Neutralization of Special Elements used in a Command ('Command Injection')).

The CVSS v3.1 base score of 8.8 reflects the severity of this flaw: network attack vector (AV:N), low attack complexity (AC:L), no user interaction required (UI:N), and high impact on confidentiality, integrity, and availability (C:H/I:H/A:H). Exploitation does require some level of privilege, which could be obtained through other vulnerabilities or weak authentication mechanisms. Successful exploitation could allow an attacker to execute arbitrary commands on the affected device, potentially leading to full device compromise, interception or manipulation of network traffic, lateral movement within the network, or persistent backdoors.

No patches or known exploits in the wild have been reported as of the publication date (October 13, 2022). However, the presence of this vulnerability in widely deployed home and small office mesh Wi-Fi systems presents a significant risk if left unmitigated.
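The CWE-77 pattern described above and its fix, as an added example that is not D-Link's firmware code and not part of the original advisory: the timezone value is checked against a strict allowlist and then stored as data instead of being pasted into a shell command line. The names `tz_is_safe`, `store_timezone`, `TZ_MAX_LEN` and the `settz` command are hypothetical, and the sample inputs are constructed.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Added example with hypothetical names; this is not D-Link's firmware code. */
#define TZ_MAX_LEN 64

/* Vulnerable pattern (CWE-77), shown only as a comment:
 *     snprintf(cmd, sizeof cmd, "settz %s", tz);   // "settz" is a placeholder
 *     system(cmd);                                 // /bin/sh parses tz
 * Every shell metacharacter in tz becomes command syntax. */

/* Return 1 only for a short POSIX-style TZ string made of allowlisted
 * characters, e.g. "CET-1CEST,M3.5.0,M10.5.0/3". */
int tz_is_safe(const char *tz)
{
    size_t n, i;

    if (tz == NULL)
        return 0;
    n = strlen(tz);
    if (n == 0 || n > TZ_MAX_LEN)
        return 0;
    if (!isalpha((unsigned char)tz[0]))   /* no leading ':' '/' '-' */
        return 0;
    for (i = 0; i < n; i++) {
        unsigned char c = (unsigned char)tz[i];
        if (!isalnum(c) && strchr("+-,./:", c) == NULL)
            return 0;   /* rejects ; | & $ ` quotes, spaces, newlines */
    }
    return 1;
}

/* Hardened handler: validate first, then store the value as data through
 * stdio. No shell is involved. Returns 0 on success, -1 on rejection/error. */
int store_timezone(const char *tz, FILE *out)
{
    if (out == NULL || !tz_is_safe(tz))
        return -1;
    return fprintf(out, "TZ=%s\n", tz) < 0 ? -1 : 0;
}

int main(void)
{
    const char *samples[] = { "CST-8", "UTC;reboot" };  /* constructed inputs */
    for (int i = 0; i < 2; i++)
        printf("%-12s -> %s\n", samples[i], tz_is_safe(samples[i]) ? "accept" : "reject");
    return 0;
}
```

The allowlist is intentionally narrower than the full POSIX TZ grammar (the quoted `<+03>` form is rejected), because validation alone is only the second line of defense; removing the shell from the code path is the primary fix.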

Potential Impact

For European organizations, the impact of this vulnerability can be substantial, especially for small and medium-sized enterprises (SMEs) and home office environments that rely on D-Link COVR mesh Wi-Fi systems for network connectivity. Exploitation could lead to unauthorized command execution on network devices, enabling attackers to intercept sensitive data, disrupt network availability, or pivot to other internal systems. This could result in data breaches, operational downtime, and potential regulatory non-compliance under GDPR due to compromised confidentiality and integrity of personal data. Additionally, compromised network devices could be leveraged as part of botnets or for launching further attacks, amplifying the threat landscape. The lack of available patches increases the risk window, making timely mitigation critical. Given the high CVSS score and the critical nature of network infrastructure devices, European organizations should prioritize addressing this vulnerability to maintain network security and trust.

Mitigation Recommendations

1. Immediate mitigation should include isolating affected D-Link COVR devices from critical network segments to limit potential lateral movement.
2. Restrict administrative access to these devices by enforcing strong authentication mechanisms, including complex passwords and, where possible, multi-factor authentication.
3. Disable remote management features if not required, reducing the attack surface.
4. Monitor network traffic for unusual activity originating from or targeting these devices, using intrusion detection/prevention systems (IDS/IPS).
5. Regularly audit device configurations to ensure no unauthorized changes have been made.
6. Engage with D-Link support channels to obtain firmware updates or patches as they become available; if no official patch exists, consider replacing affected devices with models that have received security updates.
7. Implement network segmentation to limit the impact of any potential compromise.
8. Educate users and administrators about the risks associated with this vulnerability and the importance of timely updates and secure configurations.


Technical Details

Data Version: 5.1
Assigner Short Name: mitre
Date Reserved: 2022-10-03T00:00:00.000Z
CISA Enriched: true
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 682cd0f91484d88663aebed0

Added to database: 5/20/2025, 6:59:05 PM

Last enriched: 7/6/2025, 7:57:16 AM

Last updated: 8/10/2025, 7:23:00 PM
