Vulnerabilities > Dlink > DCH M225 Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-02-21 CVE-2020-6841 OS Command Injection vulnerability in Dlink Dch-M225 Firmware 1.05B01
D-Link DCH-M225 1.05b01 and earlier devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the spotifyConnect.php userName parameter.
network
low complexity
dlink CWE-78
critical
 9.8
9.8