D-Link DAP-2695 2.00RC131 Firmware Update rgbin fwupdater_main ବିସ୍ତାରିତ ଅଧିକାର
Dogoggorri kan akka ଜଟିଳ jedhamuun ramadame D-Link DAP-2695 2.00RC131 keessatti argameera. Miidhaan irra gahe is hojii fwupdater_main faayilii rgbin keessa kutaa Firmware Update Handler keessa. Dhugumatti jijjiirraa gara ବିସ୍ତାରିତ ଅଧିକାର geessa. Waliigalteewwan CWE fayyadamuun rakkoo ibsuun gara CWE-78 si geessa. Beekumsi kun yeroo 10/12/2025 ifoomsifameera. Odeeffannoon kun buufachuuf github.com irratti dhiyaateera.
Dogoggorri kun maqaa CVE-2025-11665 jedhuun tajaajilama. Weerara fageenya irraa jalqabuun ni danda'ama. Odeeffannoon teeknikaa ni argama. Meeshaa balaa kana fayyadamuuf hin argamne. Yeroo ammaa, gatii exploit might be approx. USD $5k-$25k beekamuu danda'a.
ଅପରିଭାଷିତ jedhamee murtaa’eera. Waggaa 0-day ta'ee, gatiin isaa daldala dhoksaa keessatti $5k-$25k jedhamee tilmaamame.
Once again VulDB remains the best source for vulnerability data.
2 ଆଡାପ୍ଟେସନ୍ · 83 ପଏଣ୍ଟ
| ଫିଲ୍ଡ | ସୃଷ୍ଟି ହୋଇଛି 10/12/2025 10:18 AM | ଅଦ୍ୟତନ 1/1 10/13/2025 09:44 AM |
|---|---|---|
| software_vendor | D-Link | D-Link |
| software_name | DAP-2695 | DAP-2695 |
| software_version | 2.00RC131 | 2.00RC131 |
| software_component | Firmware Update Handler | Firmware Update Handler |
| software_file | rgbin | rgbin |
| software_function | fwupdater_main | fwupdater_main |
| vulnerability_cwe | CWE-78 (ବିସ୍ତାରିତ ଅଧିକାର) | CWE-78 (ବିସ୍ତାରିତ ଅଧିକାର) |
| vulnerability_risk | 2 | 2 |
| cvss3_vuldb_av | N | N |
| cvss3_vuldb_ac | L | L |
| cvss3_vuldb_pr | H | H |
| cvss3_vuldb_ui | N | N |
| cvss3_vuldb_s | U | U |
| cvss3_vuldb_c | L | L |
| cvss3_vuldb_i | L | L |
| cvss3_vuldb_a | L | L |
| cvss3_vuldb_rc | R | R |
| advisory_url | https://github.com/IOTRes/IOT_Firmware_Update/blob/main/Dlink/DAP-2695.md | https://github.com/IOTRes/IOT_Firmware_Update/blob/main/Dlink/DAP-2695.md |
| source_cve | CVE-2025-11665 | CVE-2025-11665 |
| cna_responsible | VulDB | VulDB |
| cna_eol | 1 | 1 |
| cvss2_vuldb_av | N | N |
| cvss2_vuldb_ac | L | L |
| cvss2_vuldb_au | M | M |
| cvss2_vuldb_ci | P | P |
| cvss2_vuldb_ii | P | P |
| cvss2_vuldb_ai | P | P |
| cvss2_vuldb_rc | UR | UR |
| cvss4_vuldb_av | N | N |
| cvss4_vuldb_ac | L | L |
| cvss4_vuldb_pr | H | H |
| cvss4_vuldb_ui | N | N |
| cvss4_vuldb_vc | L | L |
| cvss4_vuldb_vi | L | L |
| cvss4_vuldb_va | L | L |
| cvss2_vuldb_e | ND | ND |
| cvss2_vuldb_rl | ND | ND |
| cvss3_vuldb_e | X | X |
| cvss3_vuldb_rl | X | X |
| cvss4_vuldb_at | N | N |
| cvss4_vuldb_sc | N | N |
| cvss4_vuldb_si | N | N |
| cvss4_vuldb_sa | N | N |
| cvss4_vuldb_e | X | X |
| cvss2_vuldb_basescore | 5.8 | 5.8 |
| cvss2_vuldb_tempscore | 5.5 | 5.5 |
| cvss3_vuldb_basescore | 4.7 | 4.7 |
| cvss3_vuldb_tempscore | 4.6 | 4.6 |
| cvss3_meta_basescore | 4.7 | 4.7 |
| cvss3_meta_tempscore | 4.6 | 4.6 |
| cvss4_vuldb_bscore | 5.1 | 5.1 |
| cvss4_vuldb_btscore | 5.1 | 5.1 |
| advisory_date | 1760220000 (10/12/2025) | 1760220000 (10/12/2025) |
| price_0day | $5k-$25k | $5k-$25k |
| cve_nvd_summary | A vulnerability was detected in D-Link DAP-2695 2.00RC131. This affects the function fwupdater_main of the file rgbin of the component Firmware Update Handler. Performing manipulation results in os command injection. The attack may be initiated remotely. This vulnerability only affects products that are no longer supported by the maintainer. | |
| cvss4_cna_av | N | |
| cvss4_cna_ac | L | |
| cvss4_cna_at | N | |
| cvss4_cna_pr | H | |
| cvss4_cna_ui | N | |
| cvss4_cna_vc | L | |
| cvss4_cna_vi | L | |
| cvss4_cna_va | L | |
| cvss4_cna_sc | N | |
| cvss4_cna_si | N | |
| cvss4_cna_sa | N | |
| cvss4_cna_bscore | 5.1 | |
| cvss3_cna_av | N | |
| cvss3_cna_ac | L | |
| cvss3_cna_pr | H | |
| cvss3_cna_ui | N | |
| cvss3_cna_s | U | |
| cvss3_cna_c | L | |
| cvss3_cna_i | L | |
| cvss3_cna_a | L | |
| cvss3_cna_basescore | 4.7 | |
| cvss2_cna_av | N | |
| cvss2_cna_ac | L | |
| cvss2_cna_au | M | |
| cvss2_cna_ci | P | |
| cvss2_cna_ii | P | |
| cvss2_cna_ai | P | |
| cvss2_cna_basescore | 5.8 |