Security Advisory

CVE-2025-60854

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-02 00:00:00

Last updated 2025-12-03 15:08:44

Assigner mitre

State PUBLISHED

Description

A vulnerability has been found in D-Link R15 (AX1500) 1.20.01 and below. By manipulating the model name parameter during a password change request in the web administrator page, it is possible to trigger a command injection in httpd.

← Browse all CVEs View on cve.org ↗