216.73.216.86

CVE-2025-9752

· Published 01/09/2025 01:15 · Modified 01/09/2025 01:15

Labels: CVE-2025-9752 2025-09-01CVE-2025-9752CWE-77[email protected]

Essential information

Published
01/09/2025 01:15
Modified
01/09/2025 01:15
Author
Creator
CVSS
6.9 MEDIUM (v3) 6.9 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A security vulnerability has been detected in D-Link DIR-852 1.00CN B09. Impacted is the function soapcgi_main of the file soap.cgi of the component SOAP Service. Such manipulation of the argument service leads to os command injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
d-link / dir-852 cpe:2.3:a:d-link:dir-852:1.00CN_B09:*:*:*:*:*:*:*

References