CVE Daily

CVE-2025-6898

A vulnerability, which was classified as critical, has been found in D-Link DI-7...

Medium CVSS 6.3

Overview

A vulnerability, which was classified as critical, has been found in D-Link DI-7300G+ 19.12.25A1. Affected by this issue is some unknown functionality of the file inΒ proxy_client.asp. The manipulation of the argument proxy_srv/proxy_lanport/proxy_lanip/proxy_srvport leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

CWE: CWE-77 Published: 2025-06-30T08:15:24.113
Risk analysis

This vulnerability is rated 🟑 MEDIUM.

  • CVSS: 6.3 (MEDIUM)
  • Detected tags: command_injection (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags