Volerion logoVolerion
Volerion logoVolerion

D-Link DAR-7000 Command Injection Vulnerability in HTTP POST Request Handler

Vulnerability

A critical command injection vulnerability has been identified in the D-Link DAR-7000 router, specifically in version 3.2. The issue arises in the HTTP POST request handler, within the function 'get_ip_addr_details' of the file '/view/vpn/sxh_vpn/sxh_vpnlic.php'. The vulnerability allows remote exploitation by manipulating the 'ethname' argument. This router model is no longer supported by D-Link, and the vulnerability affects all hardware revisions.

Impact

Exploitation of this vulnerability allows for command injection, where an attacker can execute arbitrary commands on the device.

Reproduction

To reproduce this vulnerability, send an HTTP POST request to the '/view/vpn/sxh_vpn/sxh_vpnlic.php' endpoint. Include a crafted 'ethname' argument that exploits the command injection flaw. The device must be a D-Link DAR-7000 running version 3.2.

Remediation

D-Link has recommended retiring and replacing the DAR-7000 router, as it has reached its end-of-life and end-of-service life, and is no longer supported or receives security updates.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread
0.3
impact
7.5
exploitability
6.2
remediation
3.7
relevance
0.0
threat
6.4
urgency
2.9
incentive
0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.