CVE-2025-10629 | D-Link DIR-852 1.00CN B09 Simple Service Discovery Protocol Service htodcs/cgibin ssdpcgi_main ST command injection

A vulnerability described as critical has been identified in D-Link DIR-852 1.00CN B09. This issue affects the function ssdpcgi_main of the file htodcs/cgibin of the component Simple Service Discovery Protocol Service. Executing manipulation of the argument ST can lead to command injection. This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability appears as CVE-2025-10629. The attack may be performed from remote. In addition, an exploit is available.

CVE-2025-10629 | D-Link DIR-852 1.00CN B09 Simple Service Discovery Protocol Service htodcs/cgibin ssdpcgi_main ST command injection

Post correlati

CVE-2024-7514 | Comments Import & Export Plugin up to 2.3.7 on WordPress path traversal

CVE-2024-23807 | Apache Xerces C++ up to 3.2.2 External DTD Scanning use after free

CVE-2024-2286 | Sky Addons for Elementor Plugin up to 2.4.0 on WordPress Wrapper Link URL cross site scripting

CVE-2024-9683 | Red Hat Quay 3 Truncated Password Version authentication bypass