CVE-2025-69542

Severity: CRITICAL (CVSS 3.1 base score 9.8)
Published: 2026-01-09

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

Analysis Generated: Mar 12, 2026 - 21:54 (vuln.today)
PoC Detected: Feb 10, 2026 - 19:48 (vuln.today) - public exploit code
CVE Published: Jan 09, 2026 - 17:15 (nvd)

Description

A Command Injection Vulnerability has been discovered in the DHCP daemon service of D-Link DIR895LA1 v102b07. The vulnerability exists in the lease renewal processing logic where the DHCP hostname parameter is directly concatenated into a system command without proper sanitization. When a DHCP client renews an existing lease with a malicious hostname, arbitrary commands can be executed with root privileges.

Analysis

The D-Link DIR-895L router has a command injection flaw in its DHCP daemon, reachable via the hostname parameter during lease renewal. Any device that requests a DHCP lease with a malicious hostname achieves root code execution on the router. A PoC is available.

Technical Context

The DHCP lease renewal process concatenates the client hostname into a system command without sanitization (CWE-77). Any device on the network that sends a DHCP request with a crafted hostname can execute commands as root on the router.

Affected Products

D-Link DIR-895L A1 v1.02b07

Remediation

Update the firmware if a fixed version is available; if none is, consider replacing the router. The DHCP hostname vector is particularly difficult to mitigate, since any client that can request a lease on the network can trigger it without authentication.

Priority Score

71 (scale: Low / Medium / High / Critical)
KEV: 0
EPSS: +1.5
CVSS: +49
POC: +20
