CVE-2025-7192

Name of the Vulnerable Software and Affected Versions: D-Link DIR-645 versions 1.05B01 and earlier

Description: A critical issue affects the ssdpcgi main function of the ssdpcgi component, located in the /htdocs/cgibin file. This problem leads to command injection and can be exploited remotely. The exploit has been publicly disclosed and may be used. This issue only affects products that are no longer supported by the manufacturer.

Recommendations: For D-Link DIR-645 versions 1.05B01 and earlier, as a temporary workaround, consider disabling the ssdpcgi main function until a patch is available. Restrict access to the /htdocs/cgibin file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.