← Back

Dir 895la1 Firmware

dir-895la1_firmware

Vendor: Dlink • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
1Dlink
1Dir 895la1 Firmware
Jun 17, 2026
Jan 9, 2026
N/A· v4
9.8 CRITICAL· v3
N/A· v2
A Command Injection Vulnerability has been discovered in the DHCP daemon service of D-Link DIR895LA1 v102b07. The vulnerability exists in the lease renewal processing logic where the DHCP hostname parameter is directly c...Show more
A Command Injection Vulnerability has been discovered in the DHCP daemon service of D-Link DIR895LA1 v102b07. The vulnerability exists in the lease renewal processing logic where the DHCP hostname parameter is directly concatenated into a system command without proper sanitization. When a DHCP client renews an existing lease with a malicious hostname, arbitrary commands can be executed with root privileges.Show less