CVE-2026-4499

A vulnerability was determined in D-Link DIR-820LW 2.03. Affected is the function ssdpcgimain of the component SSDP. Executing a manipulation can lead to os command injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized...

CVE-2026-4499

CVE-2026-4499 affects D-Link DIR-820LW firmware 2.03. The vulnerability targets the SSDP component’s ssdpcgi_main function, where manipulation can lead to an OS command injection. The issue can be exploited remotely over the network, and public disclosures indicate an exploit exists. Connections ...

CVE-2025-15391 D-Link DIR-806A SSDP Request ssdpcgi_main command injection

A weakness has been identified in D-Link DIR-806A 100CNb11. Affected is the function ssdpcgimain of the component SSDP Request Handler. This manipulation causes command injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited. This...

EUVD-2025-24799

Malicious code in bioql PyPI...

CVE-2025-8956

A vulnerability was found in D-Link DIR‑818L up to 1.05B01. This issue affects the function getenv of the file /htdocs/cgibin of the component ssdpcgi. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used...

CVE-2025-8956

A vulnerability was found in D-Link DIR‑818L up to 1.05B01. This issue affects the function getenv of the file /htdocs/cgibin of the component ssdpcgi. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used...

CVE-2025-8956

A vulnerability was found in D-Link DIR‑818L up to 1.05B01. This issue affects the function getenv of the file /htdocs/cgibin of the component ssdpcgi. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used...

CVE-2025-8956

D-Link DIR-818L firmware up to 1.05B01 is affected by a vulnerability in the getenv function of /htdocs/cgibin (ssdpcgi), enabling remote command injection. The issue allows an attacker to remotely exploit the vulnerability; the public exploit has been disclosed. Remediation: upgrade to a version...

CVE-2025-8956 D-Link DIR‑818L ssdpcgi cgibin getenv command injection

A vulnerability was found in D-Link DIR‑818L up to 1.05B01. This issue affects the function getenv of the file /htdocs/cgibin of the component ssdpcgi. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used...

CVE-2025-8956 D-Link DIR‑818L ssdpcgi cgibin getenv command injection

A vulnerability was found in D-Link DIR‑818L up to 1.05B01. This issue affects the function getenv of the file /htdocs/cgibin of the component ssdpcgi. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used...

PT-2025-33148 · D Link · D-Link Dir-818Lw

Name of the Vulnerable Software and Affected Versions: D-Link DIR-818L versions up to 1.05B01 Description: A vulnerability exists in D-Link DIR-818L that allows for remote command injection. The issue is located within the getenv function of the /htdocs/cgibin file, specifically in the ssdpcgi...

D-Link DIR-817L Command Injection Vulnerability

D-Link DIR-817L is a home-grade dual-band wireless router from D-Link that supports IEEE 802.11ac standard with dual-band concurrency 2.4GHz/5GHz and a maximum wireless transmission rate of 750Mbps. A command injection vulnerability exists in the D-Link DIR-817L, which stems from the failure of t...

CVE-2025-7932

A vulnerability classified as critical has been found in D-Link DIR‑817L up to 1.04B01. This affects the function lxmldbcsystem of the file ssdpcgi. The manipulation leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be...

CVE-2025-7932 D-Link DIR‑817L ssdpcgi lxmldbc_system command injection

A vulnerability classified as critical has been found in D-Link DIR‑817L up to 1.04B01. This affects the function lxmldbcsystem of the file ssdpcgi. The manipulation leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be...

D-Link DIR-645 Command Injection Vulnerability

D-Link DIR-645 is a Gigabit wireless router for home and SMB users launched by D-Link in 2012. The D-Link DIR-645 suffers from a command injection vulnerability that stems from the failure of the file /htdocs/cgibin function ssdpcgimain in the component ssdpcgi to correctly filter constructed...

D-Link DIR-817L 命令注入漏洞

D-Link DIR-817L is a home-grade dual-band wireless router from D-Link that supports IEEE 802.11ac standard with dual-band concurrency 2.4GHz/5GHz and a maximum wireless transmission rate of 750Mbps. A command injection vulnerability exists in the D-Link DIR-817L, which stems from the failure of t...

CVE-2025-7192

A vulnerability was found in D-Link DIR-645 up to 1.05B01 and classified as critical. This issue affects the function ssdpcgimain of the file /htdocs/cgibin of the component ssdpcgi. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been disclosed ...

CVE-2025-7192 D-Link DIR-645 ssdpcgi cgibin ssdpcgi_main command injection

A vulnerability was found in D-Link DIR-645 up to 1.05B01 and classified as critical. This issue affects the function ssdpcgimain of the file /htdocs/cgibin of the component ssdpcgi. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been disclosed ...

CVE-2025-7192 D-Link DIR-645 ssdpcgi cgibin ssdpcgi_main command injection

A vulnerability was found in D-Link DIR-645 up to 1.05B01 and classified as critical. This issue affects the function ssdpcgimain of the file /htdocs/cgibin of the component ssdpcgi. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been disclosed ...

CVE-2025-4341

A vulnerability classified as critical was found in D-Link DIR-880L up to 104WWb01. Affected by this vulnerability is the function sub16570 of the file /htdocs/ssdpcgi of the component Request Header Handler. The manipulation of the argument HTTPST/REMOTEADDR/REMOTEPORT/SERVERID leads to command...