Ipsec

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2025-5620 HIGH POC This Week

A critical remote code execution vulnerability exists in D-Link DIR-816 firmware version 1.10CNB05, allowing unauthenticated attackers to execute arbitrary OS commands via the /goform/setipsec_config endpoint by manipulating localIP or remoteIP parameters. The vulnerability has a publicly disclosed proof-of-concept exploit and affects end-of-life hardware no longer receiving security updates from D-Link, creating significant risk for deployed instances.

Command Injection D-Link RCE Ipsec Dir 816 Firmware

NVD GitHub VulDB

CVSS 3.1

7.3

EPSS

1.0%

CVE-2025-5620

EPSS 1% CVSS 7.3

HIGH POC This Week

A critical remote code execution vulnerability exists in D-Link DIR-816 firmware version 1.10CNB05, allowing unauthenticated attackers to execute arbitrary OS commands via the /goform/setipsec_config endpoint by manipulating localIP or remoteIP parameters. The vulnerability has a publicly disclosed proof-of-concept exploit and affects end-of-life hardware no longer receiving security updates from D-Link, creating significant risk for deployed instances.

Command Injection D-Link RCE +2

NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy