CVE-2025-8956

A vulnerability was found in D-Link DIR‑818L up to 1.05B01. This issue affects the function getenv of the file /htdocs/cgibin of the component ssdpcgi. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used...

CVE-2025-8956

A vulnerability was found in D-Link DIR‑818L up to 1.05B01. This issue affects the function getenv of the file /htdocs/cgibin of the component ssdpcgi. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used...

CVE-2025-8956

D-Link DIR-818L firmware up to 1.05B01 is affected by a vulnerability in the getenv function of /htdocs/cgibin (ssdpcgi), enabling remote command injection. The issue allows an attacker to remotely exploit the vulnerability; the public exploit has been disclosed. Remediation: upgrade to a version...

PT-2025-28663 · D Link · D-Link Dir-645

Name of the Vulnerable Software and Affected Versions: D-Link DIR-645 versions 1.05B01 and earlier Description: A critical issue affects the ssdpcgi main function of the ssdpcgi component, located in the /htdocs/cgibin file. This problem leads to command injection and can be exploited remotely. T...

D-Link DCH-M225 Arbitrary OS Command Execution Vulnerability

The DCH-M225 is a Wifi portable audio extender. An arbitrary OS command execution vulnerability exists in D-Link DCH-M225 version 1.05b01 and earlier. A remote authenticated administrator can exploit this vulnerability to execute arbitrary OS commands via shell metacharacters in the media rendere...