CNNVD-202512-5455 Information

CNNVD ID

CNNVD-202512-5455

Related CVE

CVE-2025-15245

• CNNVD Published: 2025-12-30

Description (Chinese)

D-Link DCS-850L是中国友讯（D-Link）公司的一款无线网络摄影机。 D-Link DCS-850L 1.02.09版本存在路径遍历漏洞，该漏洞源于对组件Firmware Update Service中参数DownloadFile的错误操作，可能导致路径遍历。

Description (English)

D-Link DCS-850L is a wireless Internet camera of the Chinese company D-Link. Version D-Link DCS-8550L 1.02.09 has a path-wide loophole that results from an error in the parameter DownloadFile of the component Firmware Update Service, which may lead to a path-wide loop.

Hazard Level

Critical

Vulnerability Type

路径遍历

Affected Vendor

友讯

Published

2025-12-30

Last Modified

2026-02-24

References

https://tzh00203.notion.site/D-Link-DCS850L-v1-02-09-Path-Traversal-Vulnerability-in-Firmware-Update-2d8b5c52018a803abbc7e30e2858d084?source=copy_link https://vuldb.com/?ctiid.338635 https://vuldb.com/?id.338635 https://vuldb.com/?submit.725742 https://www.dlink.com/