A flaw has been found in D-Link DIR-868L 110b03. This affects the function sub_1BF84 of the component SSDP Service. This manipulation of the argument ST causes os command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
PUBLISHED5.2CWE-78CWE-77unsupported-when-assigned
D-Link DIR-868L SSDP Service sub_1BF84 os command injection
Problem type
Affected products
D-Link
DIR-868L
110b03 - AFFECTED
References
VDB-348560 | D-Link DIR-868L SSDP Service sub_1BF84 os command injection
https://vuldb.com/?id.348560
VDB-348560 | CTI Indicators (IOB, IOC, TTP, IOA)
https://vuldb.com/?ctiid.348560
Submit #764759 | D-Link dir-868I REVA1_FW110b03 OS Command Injection
https://vuldb.com/?submit.764759
kn0sinna.notion.site
https://kn0sinna.notion.site/dlink-dir-868l-ssdp-command-injection-30eb1876cd6e80caa691de6fe5cab59c
dlink.com
https://www.dlink.com/
GitHub Security Advisories
GHSA-293m-75qg-jwrv
A flaw has been found in D-Link DIR-868L 110b03. This affects the function sub_1BF84 of the...
https://github.com/advisories/GHSA-293m-75qg-jwrvA flaw has been found in D-Link DIR-868L 110b03. This affects the function sub_1BF84 of the component SSDP Service. This manipulation of the argument ST causes os command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
nvd.nist.gov
https://nvd.nist.gov/vuln/detail/CVE-2026-3485
kn0sinna.notion.site
https://kn0sinna.notion.site/dlink-dir-868l-ssdp-command-injection-30eb1876cd6e80caa691de6fe5cab59c
vuldb.com
https://vuldb.com/?ctiid.348560
vuldb.com
https://vuldb.com/?id.348560
vuldb.com
https://vuldb.com/?submit.764759
dlink.com
https://www.dlink.com
github.com
https://github.com/advisories/GHSA-293m-75qg-jwrv
JSON source
https://cveawg.mitre.org/api/cve/CVE-2026-3485Click to expand
{
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"cveMetadata": {
"cveId": "CVE-2026-3485",
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"dateUpdated": "2026-03-03T21:32:41.532Z",
"dateReserved": "2026-03-03T15:23:23.561Z",
"datePublished": "2026-03-03T21:02:10.454Z",
"state": "PUBLISHED"
},
"containers": {
"cna": {
"providerMetadata": {
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB",
"dateUpdated": "2026-03-03T21:02:10.454Z"
},
"title": "D-Link DIR-868L SSDP Service sub_1BF84 os command injection",
"descriptions": [
{
"lang": "en",
"value": "A flaw has been found in D-Link DIR-868L 110b03. This affects the function sub_1BF84 of the component SSDP Service. This manipulation of the argument ST causes os command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. This vulnerability only affects products that are no longer supported by the maintainer."
}
],
"affected": [
{
"vendor": "D-Link",
"product": "DIR-868L",
"modules": [
"SSDP Service"
],
"versions": [
{
"version": "110b03",
"status": "affected"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"lang": "en",
"description": "OS Command Injection",
"cweId": "CWE-78",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"lang": "en",
"description": "Command Injection",
"cweId": "CWE-77",
"type": "CWE"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?id.348560",
"name": "VDB-348560 | D-Link DIR-868L SSDP Service sub_1BF84 os command injection",
"tags": [
"vdb-entry",
"technical-description"
]
},
{
"url": "https://vuldb.com/?ctiid.348560",
"name": "VDB-348560 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
]
},
{
"url": "https://vuldb.com/?submit.764759",
"name": "Submit #764759 | D-Link dir-868I REVA1_FW110b03 OS Command Injection",
"tags": [
"third-party-advisory"
]
},
{
"url": "https://kn0sinna.notion.site/dlink-dir-868l-ssdp-command-injection-30eb1876cd6e80caa691de6fe5cab59c",
"tags": [
"exploit"
]
},
{
"url": "https://www.dlink.com/",
"tags": [
"product"
]
}
],
"metrics": [
{},
{
"cvssV3_1": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
}
},
{
"cvssV3_0": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
}
},
{
"cvssV2_0": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"baseScore": 10
}
}
],
"timeline": [
{
"time": "2026-03-03T00:00:00.000Z",
"lang": "en",
"value": "Advisory disclosed"
},
{
"time": "2026-03-03T01:00:00.000Z",
"lang": "en",
"value": "VulDB entry created"
},
{
"time": "2026-03-03T16:28:52.000Z",
"lang": "en",
"value": "VulDB entry last update"
}
],
"credits": [
{
"lang": "en",
"value": "Xuhsy (VulDB User)",
"type": "reporter"
}
],
"tags": [
"unsupported-when-assigned"
]
},
"adp": [
{
"providerMetadata": {
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP",
"dateUpdated": "2026-03-03T21:32:41.532Z"
},
"title": "CISA ADP Vulnrichment",
"metrics": [
{}
]
}
]
}
}