Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-69542 | 1 Dlink | 2 Dir-895la1, Dir-895la1 Firmware | 2026-02-10 | N/A | 9.8 CRITICAL |
| A Command Injection Vulnerability has been discovered in the DHCP daemon service of D-Link DIR895LA1 v102b07. The vulnerability exists in the lease renewal processing logic where the DHCP hostname parameter is directly concatenated into a system command without proper sanitization. When a DHCP client renews an existing lease with a malicious hostname, arbitrary commands can be executed with root privileges. | |||||