Command Injection Vulnerability in D-Link Routers DIR-890L and DIR-806A1
CVE-2025-4340

5.3MEDIUM

Key Information:

Vendor: D-link
Status: Dir-890l; Dir-806a1
Vendor: CVE Published:; 6 May 2025

Badges

👾 Exploit Exists

What is CVE-2025-4340?

A security flaw has been identified in D-Link DIR-890L and DIR-806A1 routers related to a command injection in the soap.cgi file. This vulnerability allows attackers to execute arbitrary commands remotely due to improper input validation within the sub_175C8 function. It is important to note that this vulnerability impacts devices that no longer receive support from the vendor, increasing the risk of exploitation. As the exploit has been disclosed publicly, users of these models are strongly advised to take immediate action to secure their devices.

Affected Version(s)

DIR-806A1 100CNb11

DIR-806A1 108B03

DIR-890L 100CNb11

References

https://vuldb.com/?id.307458

vdb-entrytechnical-description

https://vuldb.com/?ctiid.307458

signaturepermissions-required

https://vuldb.com/?submit.556092

third-party-advisory

CVSS V4

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
May 6, 2025
Vulnerability published
May 6, 2025
Vulnerability Reserved
May 5, 2025

Credit

BabyShark (VulDB User)

D-link