CVE-2025-4350
Severity CVSS v4.0:
HIGH
Type:
CWE-74
Injection
Publication date:
06/05/2025
Last modified:
12/05/2025
Description
A vulnerability classified as critical was found in D-Link DIR-600L up to 2.07B01. This vulnerability affects the function wake_on_lan. The manipulation of the argument host leads to command injection. The attack can be initiated remotely. This vulnerability only affects products that are no longer supported by the maintainer.
Impact
Base Score 4.0
8.70
Severity 4.0
HIGH
Base Score 3.x
8.80
Severity 3.x
HIGH
Base Score 2.0
9.00
Severity 2.0
HIGH
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:dlink:dir-600l_firmware:*:*:*:*:*:*:*:* | 2.07b01 (including) | |
cpe:2.3:h:dlink:dir-600l:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page