CNNVD-202508-3172 Information
CNNVD ID
CNNVD-202508-3172
Related CVE
- CNNVD Published: 2025-08-27
Description (Chinese)
D-Link DIR-600等都是中国友讯(D-Link)公司的产品。D-Link DIR-600是一款无线路由器。D-Link DIR-412是一款无线路由器。D-Link DIR-110是一款有线路由器。 D-Link多款产品存在安全漏洞,该漏洞源于对EVENT=CHECKFW参数输入处理不当,可能导致远程命令执行。以下产品及版本受到影响:DIR-110、DIR-412、DIR-600、DIR-610、DIR-615、DIR-645和DIR-878版本。
Description (English)
D-Link DIR-600 and others are products of the Chinese company D-Link. D-Link DIR-600 is a wireless router. D-Link DIR-412 is a wireless router. D-Link DIR-110 is a router. There is a safety gap in multiple D-Link products, which results from the inappropriate handling of EVENT = CHECKFW parameters, which may lead to remote command execution. The following products and versions were affected: DIR-110, DIR-412, DIR-600, DIR-610, DIR-615, DIR-645 and DIR-878.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
D3D
Published
2025-08-27
Last Modified
2026-02-24
References
https://www.vulncheck.com/advisories/dlink-dir-rce-service-cgi https://www.exploit-db.com/exploits/43496 https://support.dlink.com/EndOfLifePolicy.aspx https://legacy.us.dlink.com/ https://github.com/Cr0n1c/dlink_shell_poc/blob/master/dlink_auth_rce https://nvd.nist.gov/vuln/detail/CVE-2018-25115
Share on: