CISA Known Exploited Vulnerability

CVE-2022-26258

D-Link · DIR-820L

D-Link DIR-820L Remote Code Execution Vulnerability

Date added 2022-09-08

BOD 22-01 due date 2022-09-29

CWE CWE-78

Ransomware Unknown

CISA description

D-Link DIR-820L contains an unspecified vulnerability in Device Name parameter in /lan.asp which allows for remote code execution.

Required action

The impacted product is end-of-life and should be disconnected if still in use.

Notes & references

Where this lands in 800-53

Vulnerability data triggers these controls during assessment and continuous monitoring.

External lookups