Fixed Intel

CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Sep 29, 2022

CVE-2022-26258

High
EPSS 87.6%CISA KEV
D-Link/DIR-820L

Description

D-Link DIR-820L contains an unspecified vulnerability in Device Name parameter in /lan.asp which allows for remote code execution.

EPSS — Exploit Probability

87.6%

Higher than 99.5% of all CVEs

Required Action

https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10295; https://nvd.nist.gov/vuln/detail/CVE-2022-26258

Risk Assessment

HIGH
In CISA KEV
High EPSS

Details

Severity
High
EPSS
87.6%
CISA KEV
Yes
Ransomware
Unknown
Articles
0

Timeline

Published

Sep 8, 2022

Added to KEV

Sep 8, 2022

Remediation Due

Sep 29, 2022

Affected Product

D-Link

DIR-820L

View all D-Link CVEs

External Links

NVD (NIST)CVE DetailsMITRE CVE