2 matches found
CVE-2026-3485 D-Link DIR-868L SSDP Service sub_1BF84 os command injection
A flaw has been found in D-Link DIR-868L 110b03. This affects the function sub1BF84 of the component SSDP Service. This manipulation of the argument ST causes os command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. This vulnerability...
CVE-2025-55583
Affected product: D-Link DIR-868L B1 router with firmware FW2.05WWB02. Vulnerability: unauthenticated OS command injection in fileaccess.cgi; endpoint /dws/api/UploadFile passes pre_api_arg directly to system-level shell without sanitization/authentication. Impact: remote command execution as roo...