CNNVD-202511-2567 Information

CNNVD ID

CNNVD-202511-2567

Related CVE

CVE-2025-13562

• CNNVD Published: 2025-11-23

Description (Chinese)

D-Link DIR-852是中国友讯（D-Link）公司的一款路由器。 D-Link DIR-852 1.00版本存在命令注入漏洞，该漏洞源于文件/gena.cgi中参数service的错误操作，可能导致命令注入攻击。

Description (English)

D-Link DIR-852 is a router for the Chinese company D-Link. Version D-Link DIR-852 1.00 contains a command-injecting loophole, which stems from the error of service in the parameters in the document/gena.cgi, which may lead to an order-injection attack.

Hazard Level

Medium

Vulnerability Type

命令注入

Affected Vendor

友讯

Published

2025-11-23

Last Modified

2026-02-24

References

https://github.com/YZS17/CVE/blob/main/DLink/DLink-DIR852/RCE2.md https://vuldb.com/?submit.697063 https://vuldb.com/?id.333327 https://www.dlink.com/ https://vuldb.com/?ctiid.333327 https://access.redhat.com/security/cve/cve-2025-13562