D-Link Dir-852 vulnerabilities

CVE-2025-13562 [MEDIUM] CWE-74 CVE-2025-13562: A vulnerability was identified in D-Link DIR-852 1.00. This issue affects some unknown processing of A vulnerability was identified in D-Link DIR-852 1.00. This issue affects some unknown processing of the file /gena.cgi. Such manipulation of the argument service leads to command injection. The attack can be executed remotely. The exploit is publicly available and might be used. This vulnerability only affects products that are no longer supported b

CVE-2025-11488 [MEDIUM] CWE-74 CVE-2025-11488: A weakness has been identified in D-Link DIR-852 up to 20251002. This affects an unknown part of the A weakness has been identified in D-Link DIR-852 up to 20251002. This affects an unknown part of the file /HNAP1/. Executing manipulation can lead to command injection. The attack may be launched remotely. The exploit has been made available to the public and could be exploited. This vulnerability only affects products that are no longer supported by

CVE-2025-10629 [MEDIUM] CWE-74 CVE-2025-10629: A vulnerability was determined in D-Link DIR-852 1.00CN B09. This issue affects the function ssdpcgi A vulnerability was determined in D-Link DIR-852 1.00CN B09. This issue affects the function ssdpcgi_main of the file htodcs/cgibin of the component Simple Service Discovery Protocol Service. Executing manipulation of the argument ST can lead to command injection. The attack may be performed from remote. The exploit has been publicly disclosed and ma

CVE-2025-10628 [MEDIUM] CWE-74 CVE-2025-10628: A vulnerability was found in D-Link DIR-852 1.00CN B09. This vulnerability affects unknown code of t A vulnerability was found in D-Link DIR-852 1.00CN B09. This vulnerability affects unknown code of the file /htdocs/cgibin/hedwig.cgi of the component Web Management Interface. Performing manipulation results in command injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used. This vulnerability

CVE-2025-10093 [MEDIUM] CWE-200 CVE-2025-10093: A vulnerability was identified in D-Link DIR-852 up to 1.00CN B09. Affected by this vulnerability is A vulnerability was identified in D-Link DIR-852 up to 1.00CN B09. Affected by this vulnerability is the function phpcgi_main of the file /getcfg.php of the component Device Configuration Handler. Such manipulation leads to information disclosure. The attack may be performed from remote. The exploit is publicly available and might be used. This vuln

CVE-2025-9752 [MEDIUM] CWE-77 CVE-2025-9752: A security vulnerability has been detected in D-Link DIR-852 1.00CN B09. Impacted is the function so A security vulnerability has been detected in D-Link DIR-852 1.00CN B09. Impacted is the function soapcgi_main of the file soap.cgi of the component SOAP Service. Such manipulation of the argument service leads to os command injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. This vulnerability only