28Şub
CVE-2025-1800 | D-Link DAR-7000 3.2 HTTP POST Request sxh_vpnlic.php get_ip_addr_details ethname command injection
A vulnerability has been found in D-Link DAR-7000 3.2 and classified as critical. This vulnerability affects the functionget_ip_addr_details of the file /view/vpn/sxh_vpn/sxh_vpnlic.php of the component HTTP POST Request Handler. The manipulation of the argument ethname leads to command injection. This vulnerability only affects products that are no longer supported by the maintainer.
This vulnerability was named CVE-2025-1800. The attack can be initiated remotely. Furthermore, there is an exploit available.
