CVE-2022-40799 D-Link CVE debrief

Who should care

Organizations that operate or support D-Link DNR-322L devices, especially security teams, network administrators, and asset owners responsible for internet-facing or otherwise reachable appliances.

Technical summary

The official records identify the issue as a "Download of Code Without Integrity Check" vulnerability affecting the D-Link DNR-322L. CISA has marked it as known exploited. The supplied corpus does not include additional technical detail, a CVSS score, or confirmed attack prerequisites, so the only supported conclusion is that the product should be treated as high priority for defensive review and remediation.

Defensive priority

High. KEV inclusion means this vulnerability is already considered actively exploited by CISA, and the listed due date indicates remediation should be completed promptly.

Recommended defensive actions

• Inventory all D-Link DNR-322L devices and determine whether any are exposed to untrusted networks.
• Apply vendor instructions and mitigations as provided by D-Link.
• If no effective mitigation exists, discontinue use of the product and plan replacement.
• Follow CISA guidance, including BOD 22-01 where applicable to your environment.
• Prioritize remediation before the KEV due date of 2025-08-26.
• Confirm there are no external management interfaces or unnecessary services exposed on affected devices.

Evidence notes

This debrief is intentionally limited to the supplied corpus and official links. Supported facts: the issue is CVE-2022-40799; the product is D-Link DNR-322L; CISA lists it in the Known Exploited Vulnerabilities catalog; the KEV date added is 2025-08-05 and the due date is 2025-08-26; CISA recommends applying vendor mitigations, following BOD 22-01 guidance where relevant, or discontinuing use if mitigations are unavailable. No additional exploitation details or severity score were supplied.

Official resources