CNNVD-202510-1694 Information

CNNVD ID

CNNVD-202510-1694

Related CVE

CVE-2025-11665

• CNNVD Published: 2025-10-13

Description (Chinese)

D-Link DAP-2695是中国友讯（D-Link）公司的一款高性能双频无线接入点。 D-Link DAP-2695 2.00RC131版本存在操作系统命令注入漏洞，该漏洞源于文件rgbin中组件Firmware Update Handler的函数fwupdater_main存在os命令注入，可能导致远程攻击。

Description (English)

D-Link DAP-2695 is a high-performance double-frequency wireless access point for the Chinese company D-Link. The D-Link DAP-2695 2.00RC131 version contains a loophole in the operating system command that originates from the function of the rgbin component Firmware Update Handler, fwupdater main in the file, which may result in a remote attack.

Hazard Level

High

Vulnerability Type

操作系统命令注入

Affected Vendor

友讯

Published

2025-10-13

Last Modified

2026-02-24

References

https://github.com/IOTRes/IOT_Firmware_Update/blob/main/Dlink/DAP-2695.md https://vuldb.com/?ctiid.328084 https://vuldb.com/?id.328084 https://vuldb.com/?submit.673104 https://www.dlink.com/