OS Command Injection Vulnerability in D-Link DI-500WF Router
CVE-2025-9745

5.1MEDIUM

Key Information:

Vendor: D-link
Status: Di-500wf
Vendor: CVE Published:; 31 August 2025

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2025-9745?

A security flaw has been identified in the D-Link DI-500WF router within the jhttpd component, specifically in the /version_upgrade.asp file. This vulnerability involves the manipulation of the 'path' argument, which allows for remote OS command injection. Since this exploit can be initiated remotely, there is a significant risk of unauthorized access and control over affected devices, potentially compromising the integrity of connected networks.

Affected Version(s)

DI-500WF 14.04.10A1T

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2025-9745 - Proof of Concept

References

https://vuldb.com/?id.322044

vdb-entrytechnical-description

https://vuldb.com/?ctiid.322044

signaturepermissions-required

https://vuldb.com/?submit.640394

third-party-advisory

CVSS V4

Score:

5.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Aug 31, 2025
👾
Exploit known to exist
Aug 31, 2025
Vulnerability published
Aug 31, 2025
Vulnerability Reserved
Aug 30, 2025

Credit

physicszq (VulDB User)

D-link