CVE-2022-40799

HIGH KEV

Dlink Dnr-322l Firmware < 2.60b15 - Download Without Integrity Check

Title source: rule

Description

Data Integrity Failure in 'Backup Config' in D-Link DNR-322L <= 2.60B15 allows an authenticated attacker to execute OS level commands on the device.

Exploits (2)

gitlab WORKING POC
by rtfmkiesel · poc
https://gitlab.com/rtfmkiesel/cve-2022-40799

References (3)

Scores

CVSS v3 8.8
EPSS 0.5389
EPSS Percentile 98.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2025-08-05
VulnCheck KEV 2025-08-05
ENISA EUVD EUVD-2022-44065
CWE
CWE-494
Status published
Products (1)
dlink/dnr-322l_firmware < 2.60b15
Published Nov 29, 2022
KEV Added Aug 05, 2025
Tracked Since Feb 18, 2026