Vulnerability Description
A vulnerability classified as critical was found in D-Link DIR-880L up to 104WWb01. Affected by this vulnerability is the function sub_16570 of the file /htdocs/ssdpcgi of the component Request Header Handler. The manipulation of the argument HTTP_ST/REMOTE_ADDR/REMOTE_PORT/SERVER_ID leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dlink | Dir-880L Firmware | <= 104WWb01 |
| Dlink | Dir-880L | - |
Related Weaknesses (CWE)
References
- https://github.com/CH13hh/tmp_store_cc/blob/main/DIR-880L/1.mdBroken Link
- https://vuldb.com/?ctiid.307459Permissions RequiredVDB Entry
- https://vuldb.com/?id.307459Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.556433Third Party AdvisoryVDB Entry
- https://www.dlink.com/Product
- https://github.com/CH13hh/tmp_store_cc/blob/main/DIR-880L/1.mdBroken Link
FAQ
What is CVE-2025-4341?
CVE-2025-4341 is a vulnerability with a CVSS score of 6.3 (MEDIUM). A vulnerability classified as critical was found in D-Link DIR-880L up to 104WWb01. Affected by this vulnerability is the function sub_16570 of the file /htdocs/ssdpcgi of the component Request Header...
How severe is CVE-2025-4341?
CVE-2025-4341 has been rated MEDIUM with a CVSS base score of 6.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-4341?
Check the references section above for vendor advisories and patch information. Affected products include: Dlink Dir-880L Firmware, Dlink Dir-880L.