CVE-2025-9752

Sažetak

A security vulnerability has been detected in D-Link DIR-852 1.00CN B09. Impacted is the function soapcgi_main of the file soap.cgi of the component SOAP Service. Such manipulation of the argument service leads to os command injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Reference

https://github.com/i-Corner/cve/issues/18
https://vuldb.com/?ctiid.322053
https://vuldb.com/?id.322053
https://vuldb.com/?submit.640590
https://www.dlink.com/
https://github.com/i-Corner/cve/issues/18

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

04-09-2025 - 18:47

Objavljeno

01-09-2025 - 01:15