CNNVD-202507-2684 Information

CNNVD ID

CNNVD-202507-2684

Related CVE

CVE-2025-7932

• CNNVD Published: 2025-07-21

Description (Chinese)

D-Link DIR-817L是中国友讯（D-Link）公司的一款路由器。 D-Link DIR-817L 1.04B01及之前版本存在命令注入漏洞，该漏洞源于文件ssdpcgi中函数lxmldbc_system存在命令注入问题，可能导致远程攻击。

Description (English)

D-Link DIR-817L is a router for D-Link. D-Link DIR-817L 1.04B01 and previous versions had a command-injecting loophole, which originated from the document ssdpcgi function lxmldbc system that had command-injecting problems and could lead to a remote attack.

Hazard Level

Medium

Vulnerability Type

命令注入

Affected Vendor

友讯

Published

2025-07-21

Last Modified

2026-02-24

References

https://github.com/Patr1ck-S/Patr1ck-S.github.io/blob/main/D-Link%20DIR%E2%80%91817L%20has%20a%20remote%20arbitrary%20command%20execution%20vulnerability%20in%20ssdpcgi(1).md https://vuldb.com/?submit.618951 https://vuldb.com/?ctiid.317061 https://www.dlink.com/ https://vuldb.com/?id.317061