Skip to main content

CVE-2022-43002: n/a in n/a

Critical
VulnerabilityCVE-2022-43002cvecve-2022-43002
Published: Wed Oct 26 2022 (10/26/2022, 00:00:00 UTC)
Source: CVE
Vendor/Project: n/a
Product: n/a

Description

D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the wizardstep54_pskpwd parameter at /goform/form2WizardStep54.

AI-Powered Analysis

AILast updated: 07/05/2025, 14:54:43 UTC

Technical Analysis

CVE-2022-43002 is a critical stack overflow vulnerability identified in the D-Link DIR-816 A2 router firmware version 1.10 B05. The vulnerability arises from improper handling of the wizardstep54_pskpwd parameter in the /goform/form2WizardStep54 endpoint. Specifically, the parameter allows an attacker to overflow the stack by sending crafted input, which can lead to arbitrary code execution. This vulnerability is classified under CWE-787 (Out-of-bounds Write), indicating that the flaw involves writing data outside the intended buffer boundaries. The CVSS v3.1 base score of 9.8 reflects the high severity, with an attack vector of network (AV:N), no required privileges (PR:N), no user interaction (UI:N), and impacts on confidentiality, integrity, and availability (C:H/I:H/A:H). Exploitation does not require authentication or user interaction, making it highly accessible to remote attackers. Although no known exploits are currently reported in the wild, the critical nature and ease of exploitation make it a significant threat to affected devices. The lack of vendor or product details beyond the router model and firmware version suggests limited public information, but the vulnerability clearly targets a widely deployed consumer-grade router model. Successful exploitation could allow attackers to take full control of the device, intercept or manipulate network traffic, disrupt network availability, or pivot into internal networks.

Potential Impact

For European organizations, especially small and medium enterprises or home offices relying on D-Link DIR-816 A2 routers, this vulnerability poses a severe risk. Compromise of these routers can lead to unauthorized access to internal networks, interception of sensitive data, and disruption of business operations. Given the router's role as a network gateway, attackers could deploy malware, conduct man-in-the-middle attacks, or use the device as a foothold for lateral movement within corporate or home networks. The critical severity and remote exploitability without authentication increase the likelihood of attacks targeting vulnerable devices. Additionally, the potential for widespread impact exists if these routers are used in critical infrastructure or by organizations handling sensitive personal or financial data under GDPR regulations, raising compliance and reputational risks.

Mitigation Recommendations

Since no official patch or vendor advisory is currently available, European organizations should take immediate steps to mitigate risk. First, identify all D-Link DIR-816 A2 routers running firmware version 1.10 B05 within the network. If possible, isolate these devices from critical network segments or restrict access to the router management interface to trusted IP addresses only. Disable remote management features to reduce exposure. Employ network-level protections such as intrusion detection/prevention systems (IDS/IPS) with signatures targeting exploitation attempts against this vulnerability. Monitor network traffic for unusual activity related to the /goform/form2WizardStep54 endpoint. Where feasible, replace vulnerable routers with updated models or alternative devices with active vendor support. Regularly check for firmware updates from D-Link and apply patches promptly once available. Additionally, educate users about the risks and encourage strong network segmentation and use of VPNs to limit exposure.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
mitre
Date Reserved
2022-10-17T00:00:00.000Z
Cisa Enriched
true
Cvss Version
3.1
State
PUBLISHED

Threat ID: 682d981bc4522896dcbd9af1

Added to database: 5/21/2025, 9:08:43 AM

Last enriched: 7/5/2025, 2:54:43 PM

Last updated: 8/14/2025, 7:11:10 PM

Views: 13

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats