CNNVD-202512-5549 Information

CNNVD ID

CNNVD-202512-5549

Related CVE

CVE-2025-15391

• CNNVD Published: 2025-12-31

Description (Chinese)

D-Link DIR-806A是中国友讯（D-Link）公司的一款无线路由器。 D-Link DIR-806A 100CNb11版本存在命令注入漏洞，该漏洞源于SSDP Request Handler组件中ssdpcgi_main函数存在命令注入，可能导致远程攻击。

Description (English)

D-Link DIR-806A is a wireless router of D-Link. The D-Link DIR-806A 100CNb11 version has a command-injecting loophole, which stems from the existence of the ssdpcgi main function in the SDP Request Handler component, which could lead to a remote attack.

Hazard Level

High

Vulnerability Type

命令注入

Affected Vendor

友讯

Published

2025-12-31

Last Modified

2026-02-24

References

https://github.com/ccc-iotsec/cve-/blob/D-Link/D-Link%20DIR-806A%E6%9C%AA%E6%8E%88%E6%9D%83RCE.md https://vuldb.com/?ctiid.339152 https://vuldb.com/?id.339152 https://vuldb.com/?submit.727637 https://www.dlink.com/