CVE-2025-5492 – D-Link DI-500WF-WT Vulnerability

Severity

High

Analysis Summary

CVE-2025-5492

A vulnerability has been found in D-Link DI-500WF-WT and classified as critical. Affected by this vulnerability is the function sub_456DE8 of the file /msp_info.htm?flag=cmd of the component /usr/sbin/jhttpd. The manipulation of the argument cmd leads to command injection. The attack can be launched remotely.

Impact

Gain Access

Indicators of Compromise

CVE

CVE-2025-5492

Affected Vendors

D-Link

Affected Products

D-Link DI-500WF-WT - 20250511

Remediation

Refer to the D-Link Website for patch, upgrade, or suggested workaround information.

D-Link Website

Multiple D-Link DCS-932L Vulnerabilities

IBM QRadar Vulnerabilities Expose Config Files

CVE-2025-5492 – D-Link DI-500WF-WT Vulnerability

Severity

High

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan