D-Link DAP-2695 CVE-2025-12296
LOWSeverity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
1DescriptionCVE.org
A security vulnerability has been detected in D-Link DAP-2695 2.00RC13. The impacted element is the function sub_4174B0 of the component Firmware Update Handler. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
AnalysisAI
OS command injection in D-Link DAP-2695 firmware 2.00RC13 allows high-privileged remote attackers to execute arbitrary commands through the Firmware Update Handler function sub_4174B0. The vulnerability carries a low real-world risk despite network-accessible attack vector due to requiring administrative credentials (PR:H) and affecting only end-of-life hardware. Publicly available exploit code exists, though EPSS exploitation probability remains minimal at 0.09th percentile.
Technical ContextAI
The vulnerability resides in the Firmware Update Handler component of D-Link DAP-2695 wireless access point firmware, specifically within function sub_4174B0. It involves command injection (CWE-77) in a firmware update mechanism, a common attack surface in network appliances where input validation is often insufficient. The affected device is a legacy 802.11n access point from D-Link's DAP series. The Firmware Update Handler typically accepts user-supplied input for configuration or file paths without proper sanitization, allowing shell metacharacters or command separators to escape intended execution context. The CVSS vector AV:N/AC:L indicates the attack requires only network access with low complexity, but the PR:H requirement fundamentally limits realistic exploitation to administrators or similarly privileged users.
RemediationAI
No vendor-released patch is available for DAP-2695 firmware 2.00RC13, as the device is end-of-life and no longer supported by D-Link. Immediate remediation requires decommissioning affected DAP-2695 devices and replacing them with current-generation access points that receive active security updates. If immediate replacement is not feasible, implement the following compensating controls: restrict administrative access to the Firmware Update Handler to trusted networks only by implementing network segmentation (VLAN isolation or firewall rules allowing firmware update operations only from authorized management subnets), disable remote firmware update functionality if the device interface permits this configuration, require strong, unique administrative credentials that differ from default values, and monitor firmware update logs for suspicious activity. Apply these controls with the understanding that they add operational friction to legitimate firmware maintenance and do not eliminate the underlying vulnerability. Contact D-Link at www.dlink.com for clarification on end-of-life status and any undisclosed patches, though response is unlikely for legacy hardware.
More in Dap 2695 Firmware
View allBuffer overflow in D-Link DAP-2310 2.06 and earlier, DAP-2330 1.06 and earlier, DAP-2360 2.06 and earlier, DAP-2553 H/W
D-Link devices DAP-2310 v2.10rc036 and earlier, DAP-2330 v1.06rc020 and earlier, DAP-2360 v2.10rc050 and earlier, DAP-25
Null Pointer Dereference vulnerability exists in D-Link DAP-2310 2.07.RC031, DAP-2330 1.07.RC028, DAP-2360 2.07.RC043, D
Null Pointer Dereference vulnerability exists in D-Link DAP-2310 2.07.RC031, DAP-2330 1.07.RC028, DAP-2360 2.07.RC043, D
Null pointer dereference vulnerability in D-Link DAP-2310 2,10RC039, DAP-2330 1.10RC036 BETA, DAP-2360 2.10RC055, DAP-25
A vulnerability classified as problematic has been found in D-Link DAP-2695 120b36r137_ALL_en_20210528. Rated medium sev
A vulnerability was found in D-Link DAP-2695 120b36r137_ALL_en_20210528. Rated medium severity (CVSS 4.8), this vulnerab
A vulnerability was found in D-Link DAP-2695 120b36r137_ALL_en_20210528. Rated medium severity (CVSS 4.8), this vulnerab
Same weakness CWE-77 – Command Injection
View allSame technique Command Injection
View allShare
External POC / Exploit Code
Leaving vuln.today