81 matches found
CVE-2026-10270
A vulnerability was detected in D-Link DI-7001 MINI up to 19.09.19A1. Impacted is the function sprintf of the file /httpddebug.asp of the component API. The manipulation of the argument Time results in stack-based buffer overflow. The attack may be performed from remote. The exploit is now public...
CVE-2026-10270 D-Link DI-7001 MINI API httpd_debug.asp sprintf stack-based overflow
A vulnerability was detected in D-Link DI-7001 MINI up to 19.09.19A1. Impacted is the function sprintf of the file /httpddebug.asp of the component API. The manipulation of the argument Time results in stack-based buffer overflow. The attack may be performed from remote. The exploit is now public...
EUVD-2026-33693
A vulnerability was detected in D-Link DI-7001 MINI up to 19.09.19A1. Impacted is the function sprintf of the file /httpddebug.asp of the component API. The manipulation of the argument Time results in stack-based buffer overflow. The attack may be performed from remote. The exploit is now public...
D-Link DI-7001 MINI security vulnerability
The D-Link DI-7001 MINI is a multi-functional smart gateway from D-Link Corporation. The D-Link DI-7001 MINI, versions prior to 19.09.19A1, have a security vulnerability. This vulnerability stems from the improper handling of the parameter “Time” in the function “sprintf” of the API component’s...
PT-2026-45210
Name of the Vulnerable Software and Affected Versions D-Link DI-7001 MINI versions prior to 19.09.19A1 Description A stack-based buffer overflow occurs in the API component within the sprintf function of the '/httpd debug.asp' endpoint. This issue is triggered by the manipulation of the Time...
Exploit for Missing Authentication for Critical Function in Oracle Weblogic_Server
LAB 2 - CVE-2017-10271: WebLogic XMLDecoder Deserialization Wr...
MiracleLinux 9 : qemu-kvm-8.0.0-16.el9.1.ML.1 (AXSA:2023-7001:07)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-7001:07 advisory. QEMU: hcd-ehci: DMA reentrancy issue incomplete fix for CVE-2021-3750 CVE-2023-2680 Tenable has extracted the preceding description block directly from the...
CVE-2025-12313
A vulnerability has been found in D-Link DI-7001 MINI 19.09.19A1/24.04.18B1. The affected element is an unknown function of the file /mspinfo.htm. Such manipulation of the argument cmd leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public an...
CVE-2025-12313
A vulnerability has been found in D-Link DI-7001 MINI 19.09.19A1/24.04.18B1. The affected element is an unknown function of the file /mspinfo.htm. Such manipulation of the argument cmd leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public an...
CVE-2025-12313
A vulnerability has been found in D-Link DI-7001 MINI 19.09.19A1/24.04.18B1. The affected element is an unknown function of the file /mspinfo.htm. Such manipulation of the argument cmd leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public an...
CVE-2025-12313
The CVE concerns D-Link DI-7001 MINI devices with firmware versions 19.09.19A1 and 24.04.18B1. The vulnerability is a command injection in the /msp_info.htm file, caused by improper handling of the cmd parameter in an unknown function. It is described as exploitable remotely and publicly disclose...
CVE-2025-12313 D-Link DI-7001 MINI msp_info.htm command injection
A vulnerability has been found in D-Link DI-7001 MINI 19.09.19A1/24.04.18B1. The affected element is an unknown function of the file /mspinfo.htm. Such manipulation of the argument cmd leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public an...
CVE-2025-12313 D-Link DI-7001 MINI msp_info.htm command injection
A vulnerability has been found in D-Link DI-7001 MINI 19.09.19A1/24.04.18B1. The affected element is an unknown function of the file /mspinfo.htm. Such manipulation of the argument cmd leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public an...
EUVD-2025-36343
A vulnerability has been found in D-Link DI-7001 MINI 19.09.19A1/24.04.18B1. The affected element is an unknown function of the file /mspinfo.htm. Such manipulation of the argument cmd leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public an...
PT-2025-44031
Name of the Vulnerable Software and Affected Versions D-Link DI-7001 MINI versions 19.09.19A1 through 24.04.18B1 Description A flaw exists in D-Link DI-7001 MINI that allows for command injection. This occurs due to improper handling of the cmd argument within an unknown function of the /msp...
D-Link DI-7001 MINI 命令注入漏洞
The D-Link DI-7001 MINI is a multi-functional intelligent gateway from China AUO D-Link. A command injection vulnerability exists in the D-Link DI-7001 MINI version 19.09.19A1 and version 24.04.18B1, which stems from incorrect manipulation of the parameter cmd in the file /mspinfo.htm, which coul...
D-Link DI-7001 MINI Buffer Overflow Vulnerability
D-Link DI-7001 MINI is a multi-functional intelligent gateway from China AUO D-Link. The D-Link DI-7001 MINI suffers from a buffer overflow vulnerability, which is caused by incorrect bounds checking of functions in the file /dbsrv.asp. An attacker could exploit the vulnerability to execute...
D-Link DI-7001 MINI OS Command Injection Vulnerability
D-Link DI-7001 MINI is a multi-functional intelligent gateway from China AUO D-Link. The D-Link DI-7001 MINI suffers from an operating system command injection vulnerability that can be exploited by an attacker to execute arbitrary code on the system...
CVE-2025-11408
A security vulnerability has been detected in D-Link DI-7001 MINI 24.04.18B1. The affected element is an unknown function of the file /dbsrv.asp. Such manipulation of the argument str leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed publicly and may be...
CVE-2025-11407
A weakness has been identified in D-Link DI-7001 MINI 24.04.18B1. Impacted is an unknown function of the file /upgradefilter.asp. This manipulation of the argument path causes os command injection. The attack may be initiated remotely. The exploit has been made available to the public and could b...