CNNVD-202512-2586 Information
CNNVD ID
CNNVD-202512-2586
Related CVE
- CNNVD Published: 2025-12-14
Description (Chinese)
D-Link DIR-860LB1和D-Link DIR-868LB1都是中国友讯(D-Link)公司的一款无线路由器。 D-Link DIR-860LB1和D-Link DIR-868LB1 203b01/203b03版本存在命令注入漏洞,该漏洞源于对DHCP Daemon组件中参数Hostname的错误操作,可能导致命令注入攻击。
Description (English)
D-Link DIR-860/LB1 and D-Link DIR-868LB1 are both wireless routers of the Chinese company D-Link. The D-Link DIR-860/LB1 and D-Link DIR-868LB1 203b01/203b03 versions contain a command-injecting loophole, which stems from an error with Hostname, the parameter in the DHCP Daemon component, which may lead to an order-injection attack.
Hazard Level
Medium
Vulnerability Type
命令注入
Affected Vendor
友讯
Published
2025-12-14
Last Modified
2026-02-24
References
https://vuldb.com/?ctiid.336391 https://tzh00203.notion.site/D-Link-DIR-868LB1-v203b01-Command-Injection-in-DHCPd-2c8b5c52018a805296c3dea51a7a4070?source=copy_link https://vuldb.com/?id.336391 https://vuldb.com/?submit.713701 https://tzh00203.notion.site/D-Link-DIR-860LB1-v203b03-Command-Injection-in-DHCPd-2c6b5c52018a807eab1ae73dbd95eee3?source=copy_link https://www.dlink.com/ https://vuldb.com/?submit.714709 https://access.redhat.com/security/cve/cve-2025-14659
Share on: