Dlink Dch-M225 Firmware vulnerabilities
2 known vulnerabilities affecting dlink/dch-m225_firmware.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2020-6841P2CRITICALCVSS 9.8≤ 1.05b012020-02-21
CVE-2020-6841 [CRITICAL] CWE-78 CVE-2020-6841: D-Link DCH-M225 1.05b01 and earlier devices allow remote attackers to execute arbitrary OS commands
D-Link DCH-M225 1.05b01 and earlier devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the spotifyConnect.php userName parameter.
nvd
CVE-2020-6842P3HIGHCVSS 7.2≤ 1.05b012020-02-21
CVE-2020-6842 [HIGH] CWE-78 CVE-2020-6842: D-Link DCH-M225 1.05b01 and earlier devices allow remote authenticated admins to execute arbitrary O
D-Link DCH-M225 1.05b01 and earlier devices allow remote authenticated admins to execute arbitrary OS commands via shell metacharacters in the media renderer name.
nvd