Description

A vulnerability was detected in D-Link DIR-605 202WWB03. Affected by this issue is some unknown functionality of the component Firmware Update Service. Performing manipulation results in command injection. The attack can be initiated remotely. The exploit is now public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Related CPE's

Could not find any relations

References

https://tzh00203.notion.site/D-Link-DIR605-B1v202WWB03-Command-Injection-in-Firmware-Update-2cab5c52018a80de8df7f427ac2faf0e?source=copy_link

https://vuldb.com/?ctiid.337372

https://vuldb.com/?id.337372

https://vuldb.com/?submit.715465

https://www.dlink.com/

Weaknesses

[email protected]

Primary
CWE-74CWE-77

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

7.2 · High

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Awaiting analysis

Published

2025-12-18T17:15:47.480

27 hours ago

Last modified

2025-12-19T18:00:18.330

3 hours ago