CVE-2022-37055

CVE Database · CVE-2022-37055

CVE-2022-37055

· CRITICALAnalyzed

CVSS v3.1

9.8

EPSS

57.04%

Published

Aug 28, 2022

Modified

Dec 9, 2025

CISA Known Exploited Vulnerability

Added: 2025-12-08 · Due: 2025-12-29

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

D-Link Go-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 are vulnerable to Buffer Overflow via cgibin, hnap_main,

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-120CWE-120

Affected Products (4)

dlink · go-rt-ac750_firmwarevulnerable

dlink · go-rt-ac750

dlink · go-rt-ac750_firmwarevulnerable

dlink · go-rt-ac750

References (7)

https://drive.google.com/file/d/1hmIk0jQoex4QDyjIUg_6yxi-J6ROCh8S/view?usp=sharing

ExploitPatchThird Party Advisory

https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10308

Vendor Advisory

https://www.dlink.com/en/security-bulletin/

Vendor Advisory

https://drive.google.com/file/d/1hmIk0jQoex4QDyjIUg_6yxi-J6ROCh8S/view?usp=sharing

ExploitPatchThird Party Advisory

https://www.dlink.com/en/security-bulletin/

Vendor Advisory

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-37055

KEV Catalog EPSS Scores Vendors All CVEs