Vulnerability Details CVE-2025-8956
A vulnerability was found in D-Link DIR‑818L up to 1.05B01. This issue affects the function getenv of the file /htdocs/cgibin of the component ssdpcgi. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.8%
CVSS Severity
CVSS v3 Score 6.3
CVSS v2 Score 6.5
References
Products affected by CVE-2025-8956
-
cpe:2.3:h:dlink:dir-818l:-
-
cpe:2.3:o:dlink:dir-818l_firmware:105b01