Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2022-40799
Analyzed
Known KEV
More InfoOfficial Page
Source-cve@mitre.org
View Known Exploited Vulnerability (KEV) details
Published At-29 Nov, 2022 | 05:15
Updated At-06 Aug, 2025 | 20:42

Data Integrity Failure in 'Backup Config' in D-Link DNR-322L <= 2.60B15 allows an authenticated attacker to execute OS level commands on the device.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
2025-08-052025-08-26D-Link DNR-322L Download of Code Without Integrity Check VulnerabilityApply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
D-Link Corporation
dlink
>>dnr-322l_firmware>>Versions up to 2.60b15(inclusive)
cpe:2.3:o:dlink:dnr-322l_firmware:*:*:*:*:*:*:*:*
D-Link Corporation
dlink
>>dnr-322l>>-
cpe:2.3:h:dlink:dnr-322l:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-494Primarynvd@nist.gov
CWE-494Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://gitlab.com/lu-ka/cve-2022-40799cve@mitre.org
Exploit
Third Party Advisory
https://gitlab.com/lu-ka/cve-2022-40799af854a3a-2127-422b-91ae-364da2661108
Exploit
Third Party Advisory
https://www.dlink.com/uk/en/products/dnr-322l-cloud-network-video-recorder134c704f-9b21-4f2e-91b3-4a467353bcc0
Product
Change History
0Changes found
Details not found