Security Advisory

CVE-2022-36786

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-11-17 00:00:00

Last updated 2025-04-29 20:01:06

Assigner INCD

State PUBLISHED

Description

DLINK - DSL-224 Post-auth RCE. DLINK router version 3.0.8 has an interface where you can configure NTP servers (Network Time Protocol) via jsonrpc API. It is possible to inject a command through this interface that will run with ROOT permissions on the router.

← Browse all CVEs View on cve.org ↗