CVE-2022-37055 D-Link CVE debrief

Who should care

Teams responsible for D-Link routers, especially IT, network, and security administrators managing internet-facing or remotely administered devices. MSPs and asset owners that support D-Link router fleets should also prioritize this issue.

Technical summary

The corpus identifies the vulnerability only as a buffer overflow affecting D-Link routers and provides no model list, trigger conditions, or attack path details. CISA’s KEV entry confirms known exploitation status and directs defenders to apply vendor mitigations or discontinue use if mitigations are unavailable.

Defensive priority

Urgent. CISA KEV inclusion and the 2025-12-29 remediation due date make this a near-term priority for inventory, validation, and mitigation.

Recommended defensive actions

• Inventory all D-Link routers and identify exact models and firmware versions using vendor documentation and the official CVE/NVD records.
• Apply D-Link mitigations or firmware updates referenced by the vendor security guidance for this issue.
• If effective mitigations are unavailable, remove the affected product from service or replace it.
• Reduce exposure of router management interfaces, especially on internet-facing devices, until remediation is complete.
• Verify remediation and monitor for abnormal behavior or signs of compromise on affected devices.

Evidence notes

Authoritative evidence in the supplied corpus is limited to the CISA KEV metadata and official record links. The KEV entry lists vendorProject=D-Link, product=Routers, vulnerabilityName='D-Link Routers Buffer Overflow Vulnerability', dateAdded=2025-12-08, dueDate=2025-12-29, and knownRansomwareCampaignUse=Unknown. CISA’s notes also reference a D-Link security publication (SAP10308), but its contents are not included in the corpus here.

Official resources