Vulnerabilities > Dlink > DCH M225 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-21 | CVE-2020-6842 | OS Command Injection vulnerability in Dlink Dch-M225 Firmware 1.05B01 D-Link DCH-M225 1.05b01 and earlier devices allow remote authenticated admins to execute arbitrary OS commands via shell metacharacters in the media renderer name. | 7.2 |
| 2020-02-21 | CVE-2020-6841 | OS Command Injection vulnerability in Dlink Dch-M225 Firmware 1.05B01 D-Link DCH-M225 1.05b01 and earlier devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the spotifyConnect.php userName parameter. | 9.8 |