Skip to main content

Public advisory of scammers impersonating CSA and the SPF

Stay vigilant. Read the public advisory

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Active Exploitation of Critical Vulnerabilities in D-Link Routers
Alerts

Active Exploitation of Critical Vulnerabilities in D-Link Routers

9 September 2022

There have been reports of active exploitation of two critical vulnerabilities found in D-Link routers.

The critical vulnerabilities are:

  • CVE-2022-28958 - A vulnerability in the "Value" parameter of the sharepoint.php file of D-Link DIR816L routers with firmware version 206b01.

  • CVE-2022-26258 - A vulnerability in the "Device Name" parameter of the /lan.asp file of D-Link DIR-820L routers with firmware version 1.05B03.

Successful exploitation of the vulnerabilities could allow an unauthenticated remote attacker to execute arbitrary code.

Administrators and users of the affected products are advised to disconnect them and upgrade to newer routers as both products have reached end-of-life. In the meantime, remote access to the admin panel should be disabled.

More information is available here:

https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10302

https://nvd.nist.gov/vuln/detail/CVE-2022-28958#vulnCurrentDescriptionTitle

https://nvd.nist.gov/vuln/detail/CVE-2022-26258#vulnCurrentDescriptionTitle

Back to top