Dir 600 Firmware

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-2163 MEDIUM POC This Month

Command injection in D-Link DIR-600 firmware through the ssdp.cgi file allows remote attackers to execute arbitrary commands by manipulating HTTP parameters (HTTP_ST, REMOTE_ADDR, REMOTE_PORT, SERVER_ID). Public exploit code exists for this vulnerability, though it affects only unsupported product versions. The attack requires high-level privileges but has low complexity and impacts confidentiality, integrity, and availability.

D-Link Command Injection Dir 600 Firmware

NVD GitHub VulDB

CVSS 3.1

4.7

EPSS

0.2%

CVE-2026-2163

EPSS 0% CVSS 4.7

MEDIUM POC This Month

Command injection in D-Link DIR-600 firmware through the ssdp.cgi file allows remote attackers to execute arbitrary commands by manipulating HTTP parameters (HTTP_ST, REMOTE_ADDR, REMOTE_PORT, SERVER_ID). Public exploit code exists for this vulnerability, though it affects only unsupported product versions. The attack requires high-level privileges but has low complexity and impacts confidentiality, integrity, and availability.

D-Link Command Injection Dir 600 Firmware

NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy