Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2022-40799
Analyzed
More InfoOfficial Page
Source-cve@mitre.org
View Known Exploited Vulnerability (KEV) details
Published At-29 Nov, 2022 | 05:15
Updated At-03 Nov, 2025 | 18:13

Data Integrity Failure in 'Backup Config' in D-Link DNR-322L <= 2.60B15 allows an authenticated attacker to execute OS level commands on the device.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
2025-08-052025-08-26D-Link DNR-322L Download of Code Without Integrity Check VulnerabilityApply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Date Added: 2025-08-05
Due Date: 2025-08-26
Vulnerability Name: D-Link DNR-322L Download of Code Without Integrity Check Vulnerability
Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
D-Link Corporation
dlink
>>dnr-322l_firmware>>Versions up to 2.60b15(inclusive)
cpe:2.3:o:dlink:dnr-322l_firmware:*:*:*:*:*:*:*:*
D-Link Corporation
dlink
>>dnr-322l>>-
cpe:2.3:h:dlink:dnr-322l:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-494Primarynvd@nist.gov
CWE-494Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-494
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-494
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://gitlab.com/lu-ka/cve-2022-40799cve@mitre.org
Exploit
Third Party Advisory
https://gitlab.com/lu-ka/cve-2022-40799af854a3a-2127-422b-91ae-364da2661108
Exploit
Third Party Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-40799134c704f-9b21-4f2e-91b3-4a467353bcc0
US Government Resource
https://www.dlink.com/uk/en/products/dnr-322l-cloud-network-video-recorder134c704f-9b21-4f2e-91b3-4a467353bcc0
Product
Hyperlink: https://gitlab.com/lu-ka/cve-2022-40799
Source: cve@mitre.org
Resource:
Exploit
Third Party Advisory
Hyperlink: https://gitlab.com/lu-ka/cve-2022-40799
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Third Party Advisory
Hyperlink: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-40799
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Resource:
US Government Resource
Hyperlink: https://www.dlink.com/uk/en/products/dnr-322l-cloud-network-video-recorder
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Resource:
Product
Change History
0Changes found
Details not found