cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-42156,https://securityvulnerability.io/vulnerability/CVE-2022-42156,Command Injection Vulnerability in D-Link COVR 1200 and 1203 Products,"The D-Link COVR 1200 and 1203 devices contain a command injection vulnerability that can be exploited via the 'tomography_ping_number' parameter in the SetNetworkTomographySettings function. Attackers can potentially manipulate network settings, leading to unauthorized command execution. It is crucial for users to apply security measures to protect their devices and networks from potential exploitation.",D-Link,Covr 1203 Firmware,8.8,HIGH,0.0010999999940395355,false,,false,false,false,,,false,false,,2022-10-13T00:00:00.000Z,0
CVE-2022-42159,https://securityvulnerability.io/vulnerability/CVE-2022-42159,Predictable Seed Vulnerability in D-Link COVR Routers,"D-Link COVR 1200, 1202, and 1203 devices suffer from a vulnerability where a predictable seed is used in their Pseudo-Random Number Generator. This weakness allows attackers to potentially predict the output of the RNG, increasing the risk of unauthorized access and compromising the security of the devices. Users are advised to review security updates and apply necessary patches to mitigate the risks associated with this vulnerability.",D-Link,Covr 1203 Firmware,4.3,MEDIUM,0.0010499999625608325,false,,false,false,false,,,false,false,,2022-10-13T00:00:00.000Z,0
CVE-2022-42160,https://securityvulnerability.io/vulnerability/CVE-2022-42160,Command Injection Vulnerability in D-Link COVR 1200 Series,"The D-Link COVR 1200 series devices, including models 1200, 1202, and 1203, are susceptible to a command injection vulnerability. This flaw arises from improper handling of the system_time_timezone parameter within the SetNTPServerSettings function. An attacker could leverage this vulnerability to inject malicious commands, potentially compromising the device's functionality and integrity. Users are advised to update their devices to the latest firmware to mitigate this risk and ensure the security of their networks.",D-Link,Covr 1203 Firmware,8.8,HIGH,0.0010999999940395355,false,,false,false,false,,,false,false,,2022-10-13T00:00:00.000Z,0
CVE-2022-42161,https://securityvulnerability.io/vulnerability/CVE-2022-42161,Command Injection Vulnerability in D-Link COVR Routers,"The D-Link COVR series, specifically versions 1200, 1202, and 1203, has been found to be susceptible to a command injection vulnerability. This flaw exists in the /SetTriggerWPS/PIN parameter within the SetTriggerWPS function, which could allow an attacker to inject arbitrary commands into the device. Successful exploitation could lead to unauthorized access and control over the network, posing significant risks to both data integrity and confidentiality.",D-Link,Covr 1203 Firmware,8.8,HIGH,0.0010999999940395355,false,,false,false,false,,,false,false,,2022-10-13T00:00:00.000Z,0