CVE-2026-4499

CVE-2026-4499 affects D-Link DIR-820LW firmware 2.03. The vulnerability targets the SSDP component’s ssdpcgi_main function, where manipulation can lead to an OS command injection. The issue can be exploited remotely over the network, and public disclosures indicate an exploit exists. Connections ...

CVE-2026-4499

A vulnerability was determined in D-Link DIR-820LW 2.03. Affected is the function ssdpcgimain of the component SSDP. Executing a manipulation can lead to os command injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized...

CVE-2025-15391 D-Link DIR-806A SSDP Request ssdpcgi_main command injection

A weakness has been identified in D-Link DIR-806A 100CNb11. Affected is the function ssdpcgimain of the component SSDP Request Handler. This manipulation causes command injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited. This...

EUVD-2025-24799

Malicious code in bioql PyPI...

CVE-2025-8956

A vulnerability was found in D-Link DIR‑818L up to 1.05B01. This issue affects the function getenv of the file /htdocs/cgibin of the component ssdpcgi. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used...

CVE-2025-8956

A vulnerability was found in D-Link DIR‑818L up to 1.05B01. This issue affects the function getenv of the file /htdocs/cgibin of the component ssdpcgi. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used...

CVE-2025-8956

A vulnerability was found in D-Link DIR‑818L up to 1.05B01. This issue affects the function getenv of the file /htdocs/cgibin of the component ssdpcgi. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used...

CVE-2025-8956

D-Link DIR-818L firmware up to 1.05B01 is affected by a vulnerability in the getenv function of /htdocs/cgibin (ssdpcgi), enabling remote command injection. The issue allows an attacker to remotely exploit the vulnerability; the public exploit has been disclosed. Remediation: upgrade to a version...

CVE-2025-8956 D-Link DIR‑818L ssdpcgi cgibin getenv command injection

A vulnerability was found in D-Link DIR‑818L up to 1.05B01. This issue affects the function getenv of the file /htdocs/cgibin of the component ssdpcgi. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used...

CVE-2025-8956 D-Link DIR‑818L ssdpcgi cgibin getenv command injection

A vulnerability was found in D-Link DIR‑818L up to 1.05B01. This issue affects the function getenv of the file /htdocs/cgibin of the component ssdpcgi. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used...

PT-2025-33148 · D Link · D-Link Dir-818Lw

Name of the Vulnerable Software and Affected Versions: D-Link DIR-818L versions up to 1.05B01 Description: A vulnerability exists in D-Link DIR-818L that allows for remote command injection. The issue is located within the getenv function of the /htdocs/cgibin file, specifically in the ssdpcgi...

D-Link DIR-817L Command Injection Vulnerability

D-Link DIR-817L is a home-grade dual-band wireless router from D-Link that supports IEEE 802.11ac standard with dual-band concurrency 2.4GHz/5GHz and a maximum wireless transmission rate of 750Mbps. A command injection vulnerability exists in the D-Link DIR-817L, which stems from the failure of t...

CVE-2025-7932

A vulnerability classified as critical has been found in D-Link DIR‑817L up to 1.04B01. This affects the function lxmldbcsystem of the file ssdpcgi. The manipulation leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be...

CVE-2025-7932 D-Link DIR‑817L ssdpcgi lxmldbc_system command injection

A vulnerability classified as critical has been found in D-Link DIR‑817L up to 1.04B01. This affects the function lxmldbcsystem of the file ssdpcgi. The manipulation leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be...

D-Link DIR-817L 命令注入漏洞

D-Link DIR-817L is a home-grade dual-band wireless router from D-Link that supports IEEE 802.11ac standard with dual-band concurrency 2.4GHz/5GHz and a maximum wireless transmission rate of 750Mbps. A command injection vulnerability exists in the D-Link DIR-817L, which stems from the failure of t...

D-Link DIR-645 Command Injection Vulnerability

D-Link DIR-645 is a Gigabit wireless router for home and SMB users launched by D-Link in 2012. The D-Link DIR-645 suffers from a command injection vulnerability that stems from the failure of the file /htdocs/cgibin function ssdpcgimain in the component ssdpcgi to correctly filter constructed...

CVE-2025-7192

A vulnerability was found in D-Link DIR-645 up to 1.05B01 and classified as critical. This issue affects the function ssdpcgimain of the file /htdocs/cgibin of the component ssdpcgi. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been disclosed ...

CVE-2025-7192 D-Link DIR-645 ssdpcgi cgibin ssdpcgi_main command injection

A vulnerability was found in D-Link DIR-645 up to 1.05B01 and classified as critical. This issue affects the function ssdpcgimain of the file /htdocs/cgibin of the component ssdpcgi. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been disclosed ...

CVE-2025-7192 D-Link DIR-645 ssdpcgi cgibin ssdpcgi_main command injection

A vulnerability was found in D-Link DIR-645 up to 1.05B01 and classified as critical. This issue affects the function ssdpcgimain of the file /htdocs/cgibin of the component ssdpcgi. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been disclosed ...

The vulnerability of the ssdpcgi_main function in the binary file cgibin of D-Link DIR-815 router microprogramming software, allowing a hacker to execute any command they desire.

The vulnerability of the ssdpcgimain function in the binary file cgibin of D-Link DIR-815 router microprogramming software is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...