Skip to main content

D-Link DAP-2695 CVE-2025-12296

LOW
Command Injection (CWE-77)
2025-10-27 cna@vuldb.com
2.0
CVSS 4.0 · NVD

Severity by source

NVD PRIMARY
2.0 LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
X

Lifecycle Timeline

1
Analysis Generated
Apr 29, 2026 - 02:32 vuln.today

DescriptionCVE.org

A security vulnerability has been detected in D-Link DAP-2695 2.00RC13. The impacted element is the function sub_4174B0 of the component Firmware Update Handler. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

AnalysisAI

OS command injection in D-Link DAP-2695 firmware 2.00RC13 allows high-privileged remote attackers to execute arbitrary commands through the Firmware Update Handler function sub_4174B0. The vulnerability carries a low real-world risk despite network-accessible attack vector due to requiring administrative credentials (PR:H) and affecting only end-of-life hardware. Publicly available exploit code exists, though EPSS exploitation probability remains minimal at 0.09th percentile.

Technical ContextAI

The vulnerability resides in the Firmware Update Handler component of D-Link DAP-2695 wireless access point firmware, specifically within function sub_4174B0. It involves command injection (CWE-77) in a firmware update mechanism, a common attack surface in network appliances where input validation is often insufficient. The affected device is a legacy 802.11n access point from D-Link's DAP series. The Firmware Update Handler typically accepts user-supplied input for configuration or file paths without proper sanitization, allowing shell metacharacters or command separators to escape intended execution context. The CVSS vector AV:N/AC:L indicates the attack requires only network access with low complexity, but the PR:H requirement fundamentally limits realistic exploitation to administrators or similarly privileged users.

RemediationAI

No vendor-released patch is available for DAP-2695 firmware 2.00RC13, as the device is end-of-life and no longer supported by D-Link. Immediate remediation requires decommissioning affected DAP-2695 devices and replacing them with current-generation access points that receive active security updates. If immediate replacement is not feasible, implement the following compensating controls: restrict administrative access to the Firmware Update Handler to trusted networks only by implementing network segmentation (VLAN isolation or firewall rules allowing firmware update operations only from authorized management subnets), disable remote firmware update functionality if the device interface permits this configuration, require strong, unique administrative credentials that differ from default values, and monitor firmware update logs for suspicious activity. Apply these controls with the understanding that they add operational friction to legitimate firmware maintenance and do not eliminate the underlying vulnerability. Contact D-Link at www.dlink.com for clarification on end-of-life status and any undisclosed patches, though response is unlikely for legacy hardware.

Share

CVE-2025-12296 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy