CVE-2025-1392: D-Link DIR-816 index.html cross site scripting
First published: Mon Feb 17 2025(Updated: )
A vulnerability has been found in D-Link DIR-816 1.01TO and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/webproc?getpage=html/index.html&var:menu=24gwlan&var:page=24G_basic. The manipulation of the argument SSID leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| D-Link DIR-816L |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-1392?
CVE-2025-1392 is classified as a problematic vulnerability affecting D-Link DIR-816.
How do I fix CVE-2025-1392?
To mitigate CVE-2025-1392, it is recommended to update the firmware of the D-Link DIR-816 to the latest version provided by the vendor.
What does CVE-2025-1392 affect?
CVE-2025-1392 affects the /cgi-bin/webproc?getpage=html/index.html functionality in D-Link DIR-816 devices.
Can CVE-2025-1392 be exploited remotely?
Yes, CVE-2025-1392 can potentially be exploited remotely through manipulation of the SSID argument.
Who is affected by CVE-2025-1392?
Users of the D-Link DIR-816 with firmware version 1.01TO are directly affected by CVE-2025-1392.
- agent/weakness
- agent/title
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/author
- agent/source
- agent/last-modified-date
- agent/severity
- agent/event
- agent/tags
- collector/mitre-cve
- source/MITRE
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/d-link
- canonical/d-link dir-816l