CVE-2025-10628 — Injection in D-link Dir-852

CWE-74 — Injection CWE-77 — Command Injection4 documents4 sources

Severity

5.3MEDIUMNVD

EPSS

0.2%

top 58.86%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

D-link Dir-852 Dlink Dir-852 Firmware

Timeline

PublishedSep 18

Description

A vulnerability was found in D-Link DIR-852 1.00CN B09. This vulnerability affects unknown code of the file /htdocs/cgibin/hedwig.cgi of the component Web Management Interface. Performing manipulation results in command injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Affected Packages2 packages

▶CVEListV5d-link/dir-8521.00CN B09

▶NVDdlink/dir-852_firmware1.00cn_b09

🔴Vulnerability Details

GHSA

GHSA-hqmp-9xvq-qjgf: A vulnerability was found in D-Link DIR-852 1↗2025-09-18

▶

CVEList

D-Link DIR-852 Web Management hedwig.cgi command injection↗2025-09-18

▶

🔍Detection Rules

Suricata

ET WEB_SPECIFIC_APPS D-Link hedwig.cgi (DEVICE.TIME) server XML Parameter Command Injection Attempt (CVE-2025-10628)↗2025-09-18

▶