Filtered by vendor Dlink
Subscriptions
Filtered by product Dir-895la1
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-69542 | 1 Dlink | 1 Dir-895la1 | 2026-01-13 | 9.8 Critical |
| A Command Injection Vulnerability has been discovered in the DHCP daemon service of D-Link DIR895LA1 v102b07. The vulnerability exists in the lease renewal processing logic where the DHCP hostname parameter is directly concatenated into a system command without proper sanitization. When a DHCP client renews an existing lease with a malicious hostname, arbitrary commands can be executed with root privileges. | ||||
Page 1 of 1.