CVE-2025-60701

A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1FW102B02 within the prog.cgi and rc binaries. The sub433188 function in prog.cgi stores user-supplied email configuration parameters EmailFrom, EmailTo, SMTPServerAddress, SMTPServerPort, AccountName in NVRAM v...

Command injection

An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST...