PT-2025-18477 · D Link · D-Link Dir-816
Published
2025-05-01
·
Updated
2025-05-03
·
CVE-2025-44835
CVSS v2.0
6.5
Medium
| Vector | AV:N/AC:L/Au:S/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
D-Link DIR-816 version A2V1.1.0B05
Description
The issue is related to a command injection in
iptablesWebsFilterRun, allowing remote attackers to execute arbitrary commands via the shell. This enables attackers to potentially gain unauthorized access and control over the system.Recommendations
For D-Link DIR-816 version A2V1.1.0B05, consider disabling the
iptablesWebsFilterRun function until a patch is available to prevent remote command execution. Restrict access to the shell to minimize the risk of exploitation.Exploit
Fix
Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
D-Link Dir-816