CVE-2025-6899
BaseFortify

Publication date: 2025-06-30

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability, which was classified as critical, was found in D-Link DI-7300G+ and DI-8200G 17.12.20A1/19.12.25A1. This affects an unknown part of the file msp_info.htm. The manipulation of the argument flag/cmd/iface leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Meta Information
Published: 2025-06-30
Last Modified: 2026-04-29
Generated: 2026-05-07
AI Q&A: 2025-06-30
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 4 associated CPEs

Vendor   Product                  Version / Range
dlink    di-7300g\+_firmware      19.12.25a1
dlink    di-7300g\+               *
dlink    di-8200g_firmware        16.07.26a1
dlink    di-8200g                 *
CWE ID   Description
CWE-77   The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
CWE-78   The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-6899 is a critical OS command injection vulnerability found in D-Link DI-7300G+ and DI-8200G devices, specifically in the msp_info.htm page. The vulnerability arises from improper sanitization of the parameters 'flag', 'cmd', and 'iface', which allows an attacker to remotely send specially crafted requests to execute arbitrary operating system commands on the device. Successful exploitation grants the attacker full control over the targeted device. [1, 2]


How can this vulnerability impact me?

This vulnerability can severely impact you by allowing an attacker to remotely execute arbitrary commands on affected D-Link devices, potentially leading to full compromise of the device. This can result in unauthorized access, disruption of device functionality, data compromise, and loss of confidentiality, integrity, and availability of the affected systems. [1, 2]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by identifying devices running vulnerable firmware versions of D-Link DI-7300G+ (19.12.25A1) or DI-8200G (17.12.20A1) that expose the msp_info.htm page. One detection method is to scan for HTTP endpoints containing 'msp_info.htm' and test if the parameters 'flag', 'cmd', or 'iface' accept command injection payloads. Google dorking with the query 'inurl:msp_info.htm' can help locate vulnerable devices. Specific commands to detect the vulnerability are not provided, but sending crafted HTTP requests targeting these parameters and observing unexpected command execution behavior would indicate vulnerability. [2]
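As an added, defender-side illustration of the detection idea above (this is example code written for this page, not tooling from BaseFortify, VulDB or D-Link), the following script scans web access logs for requests to msp_info.htm whose flag, cmd or iface parameters carry shell metacharacters, which is the signature of an attempted OS command injection against the parameters named in the advisory. It assumes the device's HTTP service, or a reverse proxy or WAF in front of it, writes Apache/Nginx combined log format lines and that the request URL is logged; the log lines below are constructed sample data, not captures from a real device.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Parameters named in the advisory as the injection point on msp_info.htm.
WATCHED_PARAMS = {"flag", "cmd", "iface"}

# Characters that would let a value break out of a shell command built from it.
SHELL_META = re.compile(r"[;|&`$<>\n\r]|\$\(")

# Apache/Nginx combined log format (assumption: the logging device uses this layout).
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample log lines (not from the page) covering a benign request,
# an injection attempt with an encoded ';', a POST whose body is not logged,
# and an unrelated page.
SAMPLE_LOG = """\
203.0.113.5 - - [30/Jun/2025:10:01:12 +0000] "GET /msp_info.htm?flag=1&cmd=status&iface=eth0 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.9 - - [30/Jun/2025:10:02:44 +0000] "GET /msp_info.htm?flag=1&cmd=status&iface=eth0%3Bid HTTP/1.1" 200 640 "-" "curl/8.4.0"
198.51.100.2 - - [30/Jun/2025:10:03:01 +0000] "POST /msp_info.htm HTTP/1.1" 200 128 "-" "python-requests/2.31"
198.51.100.7 - - [30/Jun/2025:10:03:30 +0000] "GET /index.htm HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
"""


def decode_value(value: str) -> str:
    """Percent-decode repeatedly (at most 3 rounds) so double-encoded
    metacharacters such as %253B are not missed."""
    for _ in range(3):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def suspicious_params(target: str) -> list[str]:
    """Return the watched parameter names whose values contain shell metacharacters."""
    query = urlsplit(target).query
    hits = []
    for name, values in parse_qs(query, keep_blank_values=True).items():
        if name not in WATCHED_PARAMS:
            continue
        if any(SHELL_META.search(decode_value(v)) for v in values):
            hits.append(name)
    return sorted(hits)


def scan_log(log_text: str) -> list[dict]:
    """Scan combined-format log lines and return one finding per request to
    msp_info.htm that either carries metacharacters in a watched parameter
    or is a POST whose parameters are not visible in the log."""
    findings = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip rather than guess
        if not urlsplit(m["target"]).path.endswith("/msp_info.htm"):
            continue
        params = suspicious_params(m["target"])
        if params:
            reason = "shell metacharacters in " + ", ".join(params)
        elif m["method"] == "POST":
            reason = "POST body not logged; review the request on the device or proxy"
        else:
            continue
        findings.append({
            "src": m["src"], "ts": m["ts"], "method": m["method"],
            "status": m["status"], "params": params, "reason": reason,
        })
    return findings


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"{f['ts']} {f['src']} {f['method']} msp_info.htm -> {f['reason']}")
```

Run it against a real log with `scan_log(open("access.log").read())`. The POST case is reported as a review item rather than a confirmed hit because combined-format logs do not record request bodies; if the device is fronted by a proxy that can log bodies, the same `suspicious_params` check can be applied to the form data. Any hit from a source outside the management network is also a strong indicator that the interface is exposed more widely than the mitigation advice above recommends.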


What immediate steps should I take to mitigate this vulnerability?

No known mitigations or countermeasures have been published for this vulnerability. The suggested immediate step is to replace the affected devices with non-vulnerable alternatives. Additionally, restricting access to the affected devices and their management interfaces from untrusted networks may reduce exposure until replacement is possible. [2]

