CNNVD-202509-2860 Information

CNNVD ID

CNNVD-202509-2860

Related CVE

CVE-2025-10689

• CNNVD Published: 2025-09-18

Description (Chinese)

D-Link DIR-645是中国友讯（D-Link）公司的一款无线路由器。 D-Link DIR-645 105B01版本存在命令注入漏洞，该漏洞源于对文件/soap.cgi中参数service的错误操作，可能导致远程命令注入。

Description (English)

D-Link DIR-645 is a wireless router of the Chinese company D-Link. The D-Link DIR-645 105B01 version has a command-injecting loophole, which stems from an error in the use of the parameter service in the file/soap.cgi, which may result in a remote command injection.

Hazard Level

High

Vulnerability Type

命令注入

Affected Vendor

D3D

Published

2025-09-18

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.324813 https://vuldb.com/?id.324813 https://www.dlink.com/ https://vuldb.com/?submit.653689 https://github.com/scanleale/IOT_sec/blob/main/DIR-645-soapcgi.pdf https://access.redhat.com/security/cve/cve-2025-10689