Detections
Analytics

CVE-2025-44084

critical

Description

D-link DI-8100 16.07.26A1 is vulnerable to Command Injection. An attacker can exploit this vulnerability by crafting specific HTTP requests, triggering the command execution flaw and gaining the highest privilege shell access to the firmware system.

References

https://github.com/piposy/IOTsec/blob/main/Dlink/DI8100/DI8100-A1-2.md

Details

Source: Mitre, NVD

Published: 2025-05-20

Updated: 2025-05-21

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.00169