Description

D-Link Router DIR-868L A1 FW106KRb01.bin has an unauthenticated remote code execution vulnerability in the cgibin binary. The HNAP service provided by cgibin does not filter the HTTP SOAPAction header field. The unauthenticated remote attacker can execute the shell command.

INFO

Published Date :

2025-11-19T00:00:00.000Z

Last Modified :

2025-11-20T15:39:00.429Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2025-63932 vulnerability.

Vendors Products
Dlink
  • Dir-868l
  • Dir-868l A1
  • Dir-868l Firmware
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-63932.

URL Resource
https://github.com/WhereisRain/DIR-868 cve-icon cve-icon
https://github.com/WhereisRain/DIR-868/tree/main cve-icon cve-icon
https://www.dlink.com/en/security-bulletin/ cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact