Vulnerability Description
A vulnerability was found in D-Link DIR-645 up to 1.05B01 and classified as critical. This issue affects the function ssdpcgi_main of the file /htdocs/cgibin of the component ssdpcgi. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dlink | Dir-645 Firmware | <= 1.05b01 |
| Dlink | Dir-645 | - |
Related Weaknesses (CWE)
References
- https://github.com/Thir0th/Thir0th-CVE/blob/main/D-Link%20DIR%E2%80%91645%20A1%2ExploitThird Party Advisory
- https://vuldb.com/?ctiid.315131Permissions RequiredVDB Entry
- https://vuldb.com/?id.315131Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.607261Third Party AdvisoryVDB Entry
- https://www.dlink.com/Product
- https://github.com/Thir0th/Thir0th-CVE/blob/main/D-Link%20DIR%E2%80%91645%20A1%2ExploitThird Party Advisory
FAQ
What is CVE-2025-7192?
CVE-2025-7192 is a vulnerability with a CVSS score of 6.3 (MEDIUM). A vulnerability was found in D-Link DIR-645 up to 1.05B01 and classified as critical. This issue affects the function ssdpcgi_main of the file /htdocs/cgibin of the component ssdpcgi. The manipulation...
How severe is CVE-2025-7192?
CVE-2025-7192 has been rated MEDIUM with a CVSS base score of 6.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-7192?
Check the references section above for vendor advisories and patch information. Affected products include: Dlink Dir-645 Firmware, Dlink Dir-645.