VYPR
Unrated severityNVD Advisory· Published Dec 2, 2025· Updated Dec 3, 2025

CVE-2025-60854

CVE-2025-60854

Description

A vulnerability has been found in D-Link R15 (AX1500) 1.20.01 and below. By manipulating the model name parameter during a password change request in the web administrator page, it is possible to trigger a command injection in httpd.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Dlink/R15 (AX1500)cpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: <=1.20.01

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.