CVE-2026-3485 - Vulnerability Details

- D-Link DIR-868L SSDP Service sub_1BF84 os command injection

Description

A flaw has been found in D-Link DIR-868L 110b03. This affects the function sub_1BF84 of the component SSDP Service. This manipulation of the argument ST causes os command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Published: 2026-03-03

Score: 9.3 Critical

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

The flaw resides in the SSDP Service function sub_1BF84 of the D‑Link DIR‑868L firmware 110b03, allowing an attacker to manipulate the ST argument and inject arbitrary operating‑system commands. This results in full remote code execution, giving the attacker control over the device’s operating system. The vulnerability is documented as an OS command injection with both CWE-77 and CWE-78 references.

Affected Systems

The vulnerability affects only the D‑Link DIR‑868L model running firmware version 110b03, which is no longer supported by the manufacturer. No other devices or firmware variants are listed as impacted.

Risk and Exploitability

The CVSS score of 9.3 indicates critical severity, yet the EPSS score is below 1% and the vulnerability is not listed in the CISA KEV catalog, suggesting low to moderate likelihood of widespread exploitation at present. The attack vector is remote; the SSDP service listens for network traffic and can be reached from outside the local network, making it possible for an off‑network attacker to trigger the injection. Exploit code has been published and may be used.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

D-Link

DIR-868L

affected

Version	Status	Constraints
`110b03`	affected	—

Configuration 1 [-]

AND

cpe:2.3:o:dlink:dir-868l_firmware:110b03:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-868l:-:*:*:*:*:*:*:*

No data.

Vendor Product Confidence Versions

D-link

Dir-868l

100%

Version	Status	Scheme	Platform
`110b03`	affected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Apply any available firmware upgrade that includes a patch for SSDP command injection.
If no patch is available, disable the SSDP service on the device or block UDP port 1900 at the network level.
As a temporary measure, isolate the device from the internet and restrict access to trusted internal hosts only.

Generated by OpenCVE AI on April 16, 2026 at 13:58 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.0046.

Exploitation poc

Automatable yes

Technical Impact total

References

Link	Providers
https://kn0sinna.notion.site/dlink-dir-868l-ssdp-command-injection-30eb1876cd6e80caa691de6fe5cab59c
https://vuldb.com/?ctiid.348560
https://vuldb.com/?id.348560
https://vuldb.com/?submit.764759
https://www.dlink.com/

History

Wed, 04 Mar 2026 15:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		D-link D-link dir-868l
Vendors & Products		D-link D-link dir-868l

Wed, 04 Mar 2026 14:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Dlink Dlink dir-868l Dlink dir-868l Firmware
CPEs		cpe:2.3:h:dlink:dir-868l:-:::::::* cpe:2.3:o:dlink:dir-868l_firmware:110b03:::::::*
Vendors & Products		Dlink Dlink dir-868l Dlink dir-868l Firmware

Tue, 03 Mar 2026 22:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Tue, 03 Mar 2026 21:15:00 +0000

Type	Values Removed	Values Added
Description		A flaw has been found in D-Link DIR-868L 110b03. This affects the function sub_1BF84 of the component SSDP Service. This manipulation of the argument ST causes os command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Title		D-Link DIR-868L SSDP Service sub_1BF84 os command injection
Weaknesses		CWE-77 CWE-78
References		https://kn0sinna.notion.site/dlink-dir-868l-ssdp-command-injection-30eb1876cd6e80caa691de6fe5cab59c https://vuldb.com/?ctiid.348560 https://vuldb.com/?id.348560 https://vuldb.com/?submit.764759 https://www.dlink.com/
Metrics		cvssV2_0 `{'score': 10, 'vector': 'AV:N/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'}` cvssV3_0 `{'score': 9.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}` cvssV3_1 `{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}` cvssV4_0 `{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}`

Subscriptions

D-link Dir-868l

Dlink Dir-868l Dir-868l Firmware

MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2026-03-03T21:02:10.454Z

Updated: 2026-03-03T21:32:41.532Z

Reserved: 2026-03-03T15:23:23.561Z

Link: CVE-2026-3485

Vulnrichment

Updated: 2026-03-03T21:32:38.191Z

NVD

Status : Analyzed

Published: 2026-03-03T21:16:02.667

Modified: 2026-03-04T14:07:42.520

Link: CVE-2026-3485

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-16T14:00:19Z

Weaknesses

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Exploitation poc

Automatable yes

Technical Impact total

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object