CVE-2025-25894

Name of the Vulnerable Software and Affected Versions: D-Link DSL-3782 version 1.01

Description: An OS command injection issue was discovered, allowing attackers to execute arbitrary operating system commands via crafted packets. This is achieved through the samba wg and samba nbn parameters.

Recommendations: For D-Link DSL-3782 version 1.01, as a temporary workaround, consider restricting access to the samba wg and samba nbn parameters until a patch is available. Avoid using these parameters in crafted packets to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.