VYPR

DCH-M225

by Dlink

CVEs (2)

  • CVE-2020-6842Feb 21, 2020
    risk 0.00cvss epss 0.02

    D-Link DCH-M225 1.05b01 and earlier devices allow remote authenticated admins to execute arbitrary OS commands via shell metacharacters in the media renderer name.

  • CVE-2020-6841Feb 21, 2020
    risk 0.00cvss epss 0.03

    D-Link DCH-M225 1.05b01 and earlier devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the spotifyConnect.php userName parameter.