Skip to main content

CVE-2022-44929: n/a in n/a

Critical
VulnerabilityCVE-2022-44929cvecve-2022-44929n-acwe-276
Published: Fri Dec 02 2022 (12/02/2022, 00:00:00 UTC)
Source: CVE
Vendor/Project: n/a
Product: n/a

Description

An access control issue in D-Link DVG-G5402SP GE_1.03 allows unauthenticated attackers to escalate privileges via arbitrarily editing VoIP SIB profiles.

AI-Powered Analysis

AILast updated: 06/22/2025, 01:07:04 UTC

Technical Analysis

CVE-2022-44929 is a critical access control vulnerability identified in the D-Link DVG-G5402SP device, specifically in its GE_1.03 firmware version. This vulnerability allows unauthenticated attackers to escalate privileges by arbitrarily editing VoIP SIB (Subscriber Information Base) profiles. The core issue stems from improper access control mechanisms (classified under CWE-276: Incorrect Default Permissions) that fail to restrict unauthorized modification of sensitive VoIP configuration data. Exploiting this flaw requires no authentication or user interaction, and can be performed remotely over the network (AV:N). The vulnerability impacts confidentiality, integrity, and availability, as attackers can manipulate VoIP profiles to intercept, redirect, or disrupt voice communications, potentially gaining administrative control over the device. The CVSS v3.1 base score is 9.8, reflecting the ease of exploitation and the severe impact on system security. Although no public exploits have been reported in the wild yet, the high severity and straightforward exploitation vector make this a significant threat to organizations using the affected D-Link device for VoIP services.

Potential Impact

For European organizations, especially those relying on D-Link DVG-G5402SP devices for VoIP telephony infrastructure, this vulnerability poses a substantial risk. Successful exploitation could lead to unauthorized access to internal voice communications, enabling eavesdropping, call interception, or manipulation of call routing. This compromises confidentiality and could facilitate further lateral movement within corporate networks. Integrity of communication is also at risk, as attackers could alter VoIP configurations to disrupt services or inject malicious payloads. Availability may be impacted through denial-of-service conditions caused by misconfigured or corrupted VoIP profiles. Critical sectors such as finance, government, healthcare, and telecommunications in Europe that depend on secure voice communications could face operational disruptions, data breaches, and regulatory compliance violations (e.g., GDPR). The lack of authentication requirement and remote exploitability increases the attack surface, making this vulnerability particularly dangerous in environments with exposed or poorly segmented network infrastructure.

Mitigation Recommendations

1. Immediate network segmentation: Isolate D-Link DVG-G5402SP devices on dedicated VLANs with strict access controls to limit exposure to untrusted networks. 2. Restrict management interfaces: Disable or restrict remote management access to trusted IP addresses only, preferably via VPN or secure management channels. 3. Monitor network traffic for anomalous VoIP profile modification attempts using IDS/IPS solutions with custom signatures targeting unauthorized SIB profile edits. 4. Implement strict firewall rules to block unauthorized inbound traffic to the device's management and VoIP configuration ports. 5. Regularly audit device configurations and logs to detect unauthorized changes promptly. 6. Engage with D-Link support or authorized vendors to obtain firmware updates or patches addressing this vulnerability; if unavailable, consider device replacement or alternative secure VoIP solutions. 7. Educate IT staff on the risks and signs of exploitation related to this vulnerability to enhance incident detection and response capabilities.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
mitre
Date Reserved
2022-11-07T00:00:00.000Z
Cisa Enriched
true

Threat ID: 682d9840c4522896dcbf12d5

Added to database: 5/21/2025, 9:09:20 AM

Last enriched: 6/22/2025, 1:07:04 AM

Last updated: 8/16/2025, 5:37:45 PM

Views: 11

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats