CVE-2025-7836 | D-Link DIR-816L up to 2.06B01 Environment Variable /htdocs/cgibin lxmldbc_system command injection

A vulnerability has been found in D-Link DIR-816L up to 2.06B01 and classified as critical. Affected by this vulnerability is the function lxmldbc_system of the file /htdocs/cgibin of the component Environment Variable Handler. The manipulation leads to command injection. This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is known as CVE-2025-7836. The attack can be launched remotely. Furthermore, there is an exploit available.VulDB Recent EntriesRead More