CVE-2025-7553
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-07-14

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability classified as critical has been found in D-Link DIR-818LW up to 20191215. This affects an unknown part of the component System Time Page. The manipulation of the argument NTP Server leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-07-14
Last Modified
2026-04-29
Generated
2026-05-07
AI Q&A
2025-07-14
EPSS Evaluated
2026-05-05
NVD
CVE-2025-7553
EUVD
EUVD-2025-21286
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
dlink dir-818lw_firmware to 20191215 (exc)
dlink dir-818lw *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-77 The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-7553 is a critical vulnerability in the D-Link DIR-818LW router (up to firmware version 20191215) that allows an attacker to perform OS command injection via the 'NTP Server' parameter in the System Time Page. This means an attacker can inject malicious commands remotely, potentially gaining full control over the router by executing arbitrary commands on the device's operating system. [1, 2]


How can this vulnerability impact me? :

This vulnerability can impact you by allowing an authenticated remote attacker to execute arbitrary OS commands on your router, compromising its confidentiality, integrity, and availability. The attacker could gain remote control of the device, potentially leading to unauthorized access, disruption of network services, or further attacks on connected systems. Since the affected product is no longer supported, no known mitigations exist, increasing the risk. [1, 2]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

Detection of this vulnerability involves checking if the D-Link DIR-818LW router (hardware version B1, firmware up to 20191215) is present and if the 'NTP Server' parameter on the System Time Page is accessible and vulnerable to OS command injection. Since exploitation requires authentication, commands or scripts could attempt to authenticate and inject benign payloads to test for command injection. However, no specific detection commands are provided in the resources. Network monitoring for unusual outbound connections or reverse shell activity from the router may also help detect exploitation attempts. [1, 2]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps are limited because the affected product is no longer supported by the vendor and no known countermeasures or mitigations have been identified. It is recommended to restrict access to the router's management interface, especially the System Time Page, enforce strong authentication, monitor for suspicious activity, and consider replacing the device with a supported model to eliminate the risk. [2]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart