CVE-2025-7932

Medium CVSS 6.3

Overview

A vulnerability classified as critical has been found in D-Link DIR‑817L up to 1.04B01. This affects the function lxmldbc_system of the file ssdpcgi. The manipulation leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

CWE: CWE-74 Published: 2025-07-21T17:15:39.410

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 6.3 (MEDIUM)
Detected tags: command_injection (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Overview

Recommended tools

Tags