CVE-2025-9752 | D-Link DIR-852 1.00CN B09 SOAP Service soap.cgi soapcgi_main service os command injection

Inserito da Angelo Barbosa | Ago 31, 2025 | CVE

A vulnerability labeled as critical has been found in D-Link DIR-852 1.00CN B09. Impacted is the function soapcgi_main of the file soap.cgi of the component SOAP Service. Such manipulation of the argument service leads to os command injection. This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is uniquely identified as CVE-2025-9752. The attack can be launched remotely. Moreover, an exploit is present.

CVE-2025-9752 | D-Link DIR-852 1.00CN B09 SOAP Service soap.cgi soapcgi_main service os command injection

Post correlati

CVE-2023-20587 | AMD EPYC(TM) Embedded 9003 System Management Mode access control

CVE-2025-0484 | Fanli2012 native-php-cms 1.0 Backend sysconfig_doedit.php improper authorization

CVE-2024-28962 | Dell Command & Update/Update/Alienware Update up to 5.3 external reference (dsa-2024-169)

CVE-2025-5537 | Lightbox & Modal Popup Plugin up to 2.7.34 on WordPress cross site scripting