CVE-2025-10093

Sažetak

A vulnerability was identified in D-Link DIR-852 up to 1.00CN B09. Affected by this vulnerability is the function phpcgi_main of the file /getcfg.php of the component Device Configuration Handler. Such manipulation leads to information disclosure. The attack may be performed from remote. The exploit is publicly available and might be used. This vulnerability only affects products that are no longer supported by the maintainer.

Reference

https://github.com/i-Corner/cve/issues/21
https://vuldb.com/?ctiid.323049
https://vuldb.com/?id.323049
https://vuldb.com/?submit.644935
https://www.dlink.com/
https://github.com/i-Corner/cve/issues/21

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

29-09-2025 - 18:27

Objavljeno

08-09-2025 - 12:15