D-link DI-8100 16.07.26A1 is vulnerable to Command Injection. An attacker can exploit this vulnerability by crafting specific HTTP requests, triggering the command execution flaw and gaining the highest privilege shell access to the firmware system.
References
Link | Resource |
---|---|
https://github.com/piposy/IOTsec/blob/main/Dlink/DI8100/DI8100-A1-2.md | Broken Link |
https://github.com/piposy/IOTsec/blob/main/Dlink/DI8100/DI8100-A1-2.md | Broken Link |
Configurations
Configuration 1 (hide)
AND |
|
History
30 May 2025, 16:19
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/piposy/IOTsec/blob/main/Dlink/DI8100/DI8100-A1-2.md - Broken Link | |
CPE | cpe:2.3:o:dlink:di-8100g_firmware:16.07.26a1:*:*:*:*:*:*:* cpe:2.3:h:dlink:di-8100:-:*:*:*:*:*:*:* |
|
First Time |
Dlink di-8100
Dlink di-8100g Firmware Dlink |
|
Summary |
|
21 May 2025, 20:24
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/piposy/IOTsec/blob/main/Dlink/DI8100/DI8100-A1-2.md - | |
CWE | CWE-77 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
20 May 2025, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-05-20 17:15
Updated : 2025-05-30 16:19
NVD link : CVE-2025-44084
Mitre link : CVE-2025-44084
CVE.ORG link : CVE-2025-44084
JSON object : View
Products Affected
dlink
- di-8100g_firmware
- di-8100
CWE
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')