Medium severity6.3NVD Advisory· Published Aug 31, 2025· Updated Apr 29, 2026
CVE-2025-9727
CVE-2025-9727
Description
A weakness has been identified in D-Link DIR-816L 206b01. Affected by this issue is the function soapcgi_main of the file /soap.cgi. This manipulation of the argument service causes os command injection. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited. This vulnerability only affects products that are no longer supported by the maintainer.
Affected products
1- cpe:2.3:o:dlink:dir-816l_firmware:2.06b01:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- github.com/scanleale/IOT_sec/blob/main/DIR-816L.pdfnvdExploitThird Party Advisory
- vuldb.comnvdThird Party AdvisoryVDB Entry
- vuldb.comnvdThird Party AdvisoryVDB Entry
- vuldb.comnvdPermissions RequiredVDB Entry
- www.dlink.comnvdProduct
News mentions
0No linked articles in our index yet.