CVE-2025-6896 | D-Link DI-7300G+ 19.12.25A1 wget_test.asp url os command injection

Inserito da Angelo Barbosa | Giu 29, 2025 | CVE

A vulnerability classified as critical has been found in D-Link DI-7300G+ 19.12.25A1. Affected is an unknown function of the file wget_test.asp. The manipulation of the argument url leads to os command injection.

This vulnerability is traded as CVE-2025-6896. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2025-6896 | D-Link DI-7300G+ 19.12.25A1 wget_test.asp url os command injection

Post correlati

CVE-2024-13351 | Repuso Plugin up to 5.20 on WordPress cross site scripting

CVE-2024-12786 | X1a0He Adobe Downloader up to 1.3.1 on macOS XPC Service com.x1a0he.macOS.Adobe-Downloader.helper shouldAcceptNewConnection privileges management

CVE-2024-56211 | DeluxeThemes Userpro Plugin up to 5.1.9 on WordPress authorization

CVE-2023-38536 | OpenText Exceed Turbo X 12.5.1 cross site scripting (KB0796182)