| Title | D-Link DIR-852 1.00CN B09 Command Injection |
|---|
| Description | A critical unauthenticated command injection vulnerability was discovered in the firmware of the D-Link DIR-852 router. The vulnerability exists in the device's SOAP service, arising from the soap.cgi endpoint's failure to properly validate or sanitize the service parameter in the request URI. A remote attacker can exploit this flaw by crafting a malicious POST request containing shell metacharacters (such as the pipe symbol |) to inject and execute arbitrary commands, leading to remote code execution on the device. |
|---|
| Source | ⚠️ https://github.com/i-Corner/cve/issues/18 |
|---|
| User | iC0rner (UID 82839) |
|---|
| Submission | 08/23/2025 13:01 (10 months ago) |
|---|
| Moderation | 08/31/2025 10:18 (8 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 322053 [D-Link DIR-852 1.00CN B09 SOAP Service soap.cgi soapcgi_main service os command injection] |
|---|
| Points | 20 |
|---|