CVE Catalog

CVE-2025-45931

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Elevated risk
1.31%

67th percentile - higher than 67% of all known CVEs

Summary

An issue in D-Link DIR-816-A2 with firmware DIR-816A2_FWv1.10CNB05_R1B011D88210 allows a remote attacker to execute arbitrary code via the system() function in the bin/goahead file.

Risk Assessment

An attacker can remotely take control of the device, compromising network confidentiality, integrity, and availability, and potentially using the router as an entry point for further attacks.

Recommendation

Immediately update the firmware of the D-Link DIR-816-A2 device to the latest available version and restrict management interface access to trusted networks only.

Original NVD description (English source)

An issue D-Link DIR-816-A2 DIR-816A2_FWv1.10CNB05_R1B011D88210 allows a remote attacker to execute arbitrary code via system() function in the bin/goahead file

Vulnerability data from NVD (NIST) · CISA KEV · EPSS