CVE-2025-55583 – D-Link DIR-868L Command Injection Vulnerability

August 28, 2025

CVE ID : CVE-2025-55583

Published : Aug. 28, 2025, 3:16 p.m. | 11 hours, 14 minutes ago

Description : D-Link DIR-868L B1 router firmware version FW2.05WWB02 contains an unauthenticated OS command injection vulnerability in the fileaccess.cgi component. The endpoint /dws/api/UploadFile accepts a pre_api_arg parameter that is passed directly to system-level shell execution functions without sanitization or authentication. Remote attackers can exploit this to execute arbitrary commands as root via crafted HTTP requests.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-8067 – Udisks D-BUS Loop Device Handler Index Validation Bypass

Next Article CVE-2025-54742 – Magepeopleteam WpEvently Untrusted Data Deserialization Object Injection Vulnerability

10 Top Generative AI Development Companies for Enterprise Node.js Projects

Prompting Is A Design Act: How To Brief, Guide And Iterate With AI

Best React.js Development Services in 2025: Features, Benefits & What to Look For

August 2025: AI updates from the past month

This 3-in-1 charger has a retractable superpower that’s a must for travel

How a legacy hardware company reinvented itself in the AI age

The 13+ best Walmart Labor Day deals 2025: Sales on Apple, Samsung, LG, and more

You can save up to $700 on my favorite Bluetti power stations for Labor Day

Call for Speakers – JS Conf Armenia 2025

Call for Speakers – JS Conf Armenia 2025

Streamlining Application Automation with Laravel’s Task Scheduler

A Fluent Path Builder for PHP and Laravel

Windows 11 KB5064081 24H2 adds taskbar clock, direct download links for .msu offline installer

Windows 11 KB5064081 24H2 adds taskbar clock, direct download links for .msu offline installer

My Family Cinema not Working? 12 Quick Fixes

Super-linter – collection of linters and code analyzers

CVE-2025-55583 – D-Link DIR-868L Command Injection Vulnerability

WhatsApp Issues Emergency Update for Zero-Click Exploit Targeting iOS and macOS Devices

Attackers Abuse Velociraptor Forensic Tool to Deploy Visual Studio Code for C2 Tunneling

A Hands-On Tutorial: Build a Modular LLM Evaluation Pipeline with Google Generative AI and LangChain

10 Free and Open Source Game Engines – Part 3

How to Use AI to Enhance Your WordPress Blog

CVE-2024-51099 – PHPGURUKUL Medical Card Generation System Reflected XSS

Samsung MagicINFO 9 Server RCE flaw now exploited in attacks

MailViewer views and decodes eml and msg files

FaradaIC Sensors raises €4.5M for electrochemical gas detection tech

From Windows to Freedom: How Zorin OS 18 Makes Migrating to Linux Seamless

CVE-2025-55583 – D-Link DIR-868L Command Injection Vulnerability

Related Posts