CVE-2025-6898
BaseFortify
Publication date: 2025-06-30
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dlink | di-7300g\+_firmware | 19.12.25a1 |
| dlink | di-7300g\+ | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-77 | The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component. |
| CWE-78 | The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-6898 is a critical OS command injection vulnerability in the D-Link DI-7300G+ router firmware version 19.12.25A1. It exists in the proxy_client.asp web interface file, where the parameters proxy_srv, proxy_lanport, proxy_lanip, and proxy_srvport are not properly sanitized. An attacker can send specially crafted input to these parameters remotely, allowing them to execute arbitrary operating system commands on the device, potentially gaining full control over the router. [1, 2]
How can this vulnerability impact me? :
This vulnerability can severely impact you by allowing an attacker to remotely execute arbitrary OS commands on your D-Link DI-7300G+ router. This can lead to full compromise of the device, affecting its confidentiality, integrity, and availability. An attacker could disrupt network operations, intercept or manipulate data, or use the device as a foothold for further attacks. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by identifying devices running the affected D-Link DI-7300G+ router firmware version 19.12.25A1 and checking for the presence of the vulnerable proxy_client.asp interface. One method is to use network scanning or web reconnaissance tools to find devices with the URL path containing "proxy_client.asp". For example, using a search engine with the query "inurl:proxy_client.asp" can help identify vulnerable devices. On your network, you can use tools like curl or wget to send requests to the proxy_client.asp page and observe responses. Example command to check for the vulnerable page: curl -I http://[router_ip]/proxy_client.asp. Additionally, monitoring for unusual or suspicious requests targeting the parameters proxy_srv, proxy_lanport, proxy_lanip, and proxy_srvport may indicate exploitation attempts. [2]
What immediate steps should I take to mitigate this vulnerability?
Currently, there are no known mitigations or countermeasures available for this vulnerability. The recommended immediate step is to replace the affected D-Link DI-7300G+ router with an alternative device that is not vulnerable. Until replacement, restrict remote access to the device and monitor for suspicious activity targeting the proxy_client.asp interface to reduce risk. [2]