Unrated severity · NVD Advisory · Published Jan 27, 2023 · Updated Mar 28, 2025

CVE-2022-48108

Description

D-Link DIR_878_FW1.30B08 was discovered to contain a command injection vulnerability via the component /SetNetworkSettings/SubnetMask. This vulnerability allows attackers to escalate privileges to root via a crafted payload.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Command injection in D-Link DIR-878 firmware 1.30B08 via the SubnetMask parameter allows unauthenticated remote attackers to execute arbitrary commands as root.

Vulnerability

D-Link DIR_878_FW1.30B08 contains a command injection vulnerability in the /SetNetworkSettings/SubnetMask component [1]. The firmware version affected is DIR_878_FW1.30B08.bin [1]. The program passes user-supplied input from the SubnetMask parameter through sprintf and then executes it via system() without sanitization [1].
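An added example, not D-Link's code and not taken from the cited references: a strict validator for the SubnetMask value, applied before the string is formatted into a command. The function names, buffer size and the `ifconfig br0 netmask` command string are assumptions made for illustration.

```c
#include <arpa/inet.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Returns 1 only if s is a dotted-quad IPv4 netmask with contiguous
 * leading one-bits (e.g. 255.255.255.0); 0 otherwise. */
int is_valid_subnet_mask(const char *s)
{
    struct in_addr addr;
    uint32_t m, inv;

    if (s == NULL || strlen(s) > 15)   /* "255.255.255.255" is 15 chars */
        return 0;
    /* inet_pton accepts only strict dotted-decimal text, so spaces,
     * shell metacharacters and trailing bytes are all rejected here. */
    if (inet_pton(AF_INET, s, &addr) != 1)
        return 0;
    m = ntohl(addr.s_addr);
    if (m == 0)                        /* policy choice: no all-zero mask */
        return 0;
    inv = ~m;                          /* host bits must be 2^n - 1 */
    return (inv & (inv + 1)) == 0;
}

/* Hypothetical handler step: format the command only after validation.
 * Returns the command length, or -1 if the input was rejected.
 * Passing the value as an argv element to execv() instead of building
 * a shell string would remove the shell from the path altogether. */
int build_netmask_cmd(char *out, size_t outlen, const char *mask)
{
    int n;

    if (!is_valid_subnet_mask(mask))
        return -1;
    n = snprintf(out, outlen, "ifconfig br0 netmask %s", mask);
    return (n < 0 || (size_t)n >= outlen) ? -1 : n;
}

int main(void)
{
    /* Constructed inputs; the second is the payload string quoted on this page. */
    const char *samples[] = { "255.255.255.0", "&& ls > /tmp/456 &&echo 1",
                              "255.0.255.0", "255.255.255.0;x" };
    char cmd[64];
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int n = build_netmask_cmd(cmd, sizeof cmd, samples[i]);
        printf("%-28s -> %s\n", samples[i], n < 0 ? "rejected" : cmd);
    }
    return 0;
}
```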

Exploitation

An attacker can send a crafted POST request to /HNAP1/ with a malicious SubnetMask payload (e.g., && ls > /tmp/456 &&echo 1) to inject arbitrary commands [1]. No authentication is required; the attacker only needs network access to the device's web interface on port 7018 [1].

Impact

Successful exploitation allows arbitrary command execution with root privileges, leading to full compromise of the router [1].

Mitigation

As of the publication date, D-Link has not released a firmware update to fix this vulnerability [2]. Users are advised to monitor D-Link's security bulletin [2] and consider restricting access to the device's management interface.

AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

1

Patches

0

No patches discovered yet.

References

2
