CVE-2025-63932

CWE-78OS Command Injection4 documents4 sources
Severity
7.3HIGH
EPSS
0.5%
top 32.71%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Dlink Dir-868l Firmware
Timeline
PublishedNov 19

Description

D-Link Router DIR-868L A1 FW106KRb01.bin has an unauthenticated remote code execution vulnerability in the cgibin binary. The HNAP service provided by cgibin does not filter the HTTP SOAPAction header field. The unauthenticated remote attacker can execute the shell command.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:LExploitability: 3.9 | Impact: 3.4

Affected Packages1 packages

NVDdlink/dir-868l_firmwarefw106krb01

🔴Vulnerability Details

2
CVEList
CVE-2025-63932: D-Link Router DIR-868L A1 FW106KRb012025-11-19
GHSA
GHSA-5rxw-wcwc-72r2: D-Link Router DIR-868L A1 FW106KRb012025-11-19

🔍Detection Rules

1
Suricata
ET EXPLOIT D-Link HNAP SOAPAction Command Injection (CVE-2015-2051, CVE-2019-10891, CVE-2022,37056, CVE-2024-33112, CVE-2025-11488, CVE-2025-63932)2021-11-17
CVE-2025-63932 (HIGH CVSS 7.3) | D-Link Router DIR-868L A1 FW106KRb0 | cvebase.io