Name of the Vulnerable Software and Affected Versions:

D-Link DIR-852 version 1.00CN B09

Description:

A security issue has been identified in the SOAP Service component of D-Link DIR-852 version 1.00CN B09. Manipulation of the `service` argument within the `soapcgi main` function of the `soap.cgi` file can lead to operating system command injection. This allows for remote attacks. The exploit for this issue has been publicly disclosed. This vulnerability affects products that are no longer supported by the maintainer.

Recommendations:

At the moment, there is no information about a newer version that contains a fix for this vulnerability.