OS Command Injection Vulnerability in D-Link DIR-816 by D-Link
CVE-2025-5620
Key Information:
Badges
What is CVE-2025-5620?
A significant vulnerability has been detected in the D-Link DIR-816, particularly in the 'setipsec_config' function accessible through the '/goform/setipsec_config' file. This issue allows attackers to manipulate the 'localIP' and 'remoteIP' arguments to execute arbitrary OS commands. The exploitation of this vulnerability can be performed remotely, posing a serious threat to the security of affected devices. It is crucial to note that this vulnerability primarily targets D-Link DIR-816 devices that are no longer supported by the vendor, leaving them vulnerable to potential attacks.
Affected Version(s)
DIR-816 1.10CNB05
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.