← Volver a CVEs
CVE-2025-44084
CRITICAL9.8
Descripcion
D-link DI-8100 16.07.26A1 is vulnerable to Command Injection. An attacker can exploit this vulnerability by crafting specific HTTP requests, triggering the command execution flaw and gaining the highest privilege shell access to the firmware system.
Detalles CVE
Puntuacion CVSS v3.19.8
SeveridadCRITICAL
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado5/20/2025
Ultima modificacion5/30/2025
Fuentenvd
Avistamientos honeypot0
Productos afectados
dlink:di-8100dlink:di-8100g_firmware
Debilidades (CWE)
CWE-77
Referencias
https://github.com/piposy/IOTsec/blob/main/Dlink/DI8100/DI8100-A1-2.md(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.