Command Injection Vulnerability in D-Link DIR-880L Router
CVE-2025-4341

5.3MEDIUM

Key Information:

Vendor: D-link
Status: Dir-880l
Vendor: CVE Published:; 6 May 2025

Badges

👾 Exploit Exists

What is CVE-2025-4341?

A command injection vulnerability exists in the D-Link DIR-880L router, specifically within the sub_16570 function of the Request Header Handler. This vulnerability allows an attacker to manipulate HTTP headers such as HTTP_ST, REMOTE_ADDR, REMOTE_PORT, and SERVER_ID, leading to potential unauthorized command execution. The vulnerability can be exploited remotely, and it affects only the D-Link DIR-880L models that are no longer supported by the vendor. Organizations using this model should immediately assess their security posture and consider mitigation strategies to protect against potential exploitation.

Affected Version(s)

DIR-880L 104WWb01

References

https://vuldb.com/?id.307459

vdb-entrytechnical-description

https://vuldb.com/?ctiid.307459

signaturepermissions-required

https://vuldb.com/?submit.556433

third-party-advisory

CVSS V4

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
May 6, 2025
Vulnerability published
May 6, 2025
Vulnerability Reserved
May 5, 2025

Credit

BabyShark (VulDB User)

D-link