| Title | D-Link dir-868I REVA1_FW110b03 OS Command Injection |
|---|
| Description | D-Link DIR-868L REVA1_FW110b03 contains a pre-authentication OS command injection vulnerability within the SSDP service function. By sending a maliciously crafted request header, an unauthenticated remote attacker can execute arbitrary OS commands, potentially leading to full system compromise. |
|---|
| Source | ⚠️ https://kn0sinna.notion.site/dlink-dir-868l-ssdp-command-injection-30eb1876cd6e80caa691de6fe5cab59c |
|---|
| User | Xuhsy (UID 88287) |
|---|
| Submission | 02/21/2026 08:31 (2 months ago) |
|---|
| Moderation | 03/03/2026 16:23 (10 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 348560 [D-Link DIR-868L 110b03 SSDP Service sub_1BF84 ST os command injection] |
|---|
| Points | 15 |
|---|