CNNVD-202506-3747 Information

CNNVD ID

CNNVD-202506-3747

Related CVE

CVE-2025-6899

• CNNVD Published: 2025-06-30

Description (Chinese)

D-Link DI-7300G+是中国友讯（D-Link）公司的一款坚固耐用的企业级智能网关。 D-Link DI-7300G+ 19.12.25A1版本和DI-8200G 17.12.20A1版本存在安全漏洞，该漏洞源于文件msp_info.htm中参数flag、cmd和iface的错误操作导致os命令注入。

Description (English)

D-Link DI-7300G+ is a strong and durable enterprise smart gateway for the Chinese company D-Link. The D-Link DI-7300G+ 19.12.25A1 and DI-8200G 17.12.20A1 have a security loophole resulting from the error of the parameters flag, cmd and face in document msp info.htm, which resulted in the injection of the Os command.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

D-Zero

Published

2025-06-30

Last Modified

2026-02-24

References

https://access.redhat.com/security/cve/cve-2025-6899 https://nvd.nist.gov/vuln/detail/CVE-2025-6899