Lucene search
K

16 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-20699

Malicious code in bioql PyPI...

9CVSS8.8AI score0.00784EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/09/02 9:35 p.m.4 views

CVE-2025-9745

A security vulnerability has been detected in D-Link DI-500WF 14.04.10A1T. The impacted element is an unknown function of the file /versionupgrade.asp of the component jhttpd. The manipulation of the argument path leads to os command injection. The attack may be initiated remotely. The exploit ha...

7.2CVSS7.1AI score0.09746EPSS
Exploits1References1
CNVD
CNVD
added 2025/09/02 12:0 a.m.0 views

D-Link DI-500WF os Command Injection Vulnerability

The D-Link DI-500WF is a panel type wireless access point AP, mainly used to build wireless network coverage environment, supports 802.11n protocol with a theoretical maximum transmission rate of 150Mbps. The D-Link DI-500WF suffers from an os command injection vulnerability that stems from the...

7.2CVSS7.6AI score0.09746EPSS
Exploits1References1
NVD
NVD
added 2025/08/31 9:15 p.m.5 views

CVE-2025-9745

A security vulnerability has been detected in D-Link DI-500WF 14.04.10A1T. The impacted element is an unknown function of the file /versionupgrade.asp of the component jhttpd. The manipulation of the argument path leads to os command injection. The attack may be initiated remotely. The exploit ha...

7.2CVSS0.09746EPSS
Exploits1References6
OSV
OSV
added 2025/08/31 9:15 p.m.6 views

CVE-2025-9745

A security vulnerability has been detected in D-Link DI-500WF 14.04.10A1T. The impacted element is an unknown function of the file /versionupgrade.asp of the component jhttpd. The manipulation of the argument path leads to os command injection. The attack may be initiated remotely. The exploit ha...

7.2CVSS5.6AI score0.09746EPSS
Exploits1References6
NVD
NVD
added 2025/07/08 9:15 p.m.7 views

CVE-2025-7194

A vulnerability was found in D-Link DI-500WF 17.04.10A1T. It has been declared as critical. Affected by this vulnerability is the function sprintf of the file ipposition.asp of the component jhttpd. The manipulation of the argument ip leads to stack-based buffer overflow. The attack can be launch...

9CVSS0.00784EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/07/08 8:32 p.m.3 views

CVE-2025-7194 D-Link DI-500WF jhttpd ip_position.asp sprintf stack-based overflow

A vulnerability was found in D-Link DI-500WF 17.04.10A1T. It has been declared as critical. Affected by this vulnerability is the function sprintf of the file ipposition.asp of the component jhttpd. The manipulation of the argument ip leads to stack-based buffer overflow. The attack can be launch...

9CVSS7.3AI score0.00784EPSS
Exploits1References5
CVE
CVE
added 2025/07/08 8:32 p.m.21 views

CVE-2025-7194

CVE-2025-7194 affects D-Link DI-500WF (version 17.04.10A1T). The vulnerability resides in the jhttpd component’s file ip_position.asp where unvalidated input to the sprintf call leads to a stack-based buffer overflow. It is exploitable remotely over the network and an exploit has been publicly di...

9CVSS8.9AI score0.00784EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2025/07/08 8:32 p.m.6 views

CVE-2025-7194 D-Link DI-500WF jhttpd ip_position.asp sprintf stack-based overflow

A vulnerability was found in D-Link DI-500WF 17.04.10A1T. It has been declared as critical. Affected by this vulnerability is the function sprintf of the file ipposition.asp of the component jhttpd. The manipulation of the argument ip leads to stack-based buffer overflow. The attack can be launch...

9CVSS0.00784EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/07/08 12:0 a.m.6 views

D-Link DI-500WF 安全漏洞

D-Link DI-500WF is a panel type wireless AP access point, designed with international wireless standards, supporting 2.4GHz band, wireless transmission speed up to 300Mbps, in line with the green concept. A buffer overflow vulnerability exists in the D-Link DI-500WF. The vulnerability stems from...

9CVSS8.9AI score0.00784EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/07/01 12:0 a.m.4 views

PT-2025-28737 · D Link · D-Link Di-500Wf

Name of the Vulnerable Software and Affected Versions: D-Link DI-500WF version 17.04.10A1T Description: A critical issue affects the sprintf function of the ip position.asp file in the jhttpd component. Manipulation of the ip argument leads to a stack-based buffer overflow. This issue can be...

9CVSS8.7AI score0.00784EPSS
Exploits1References8
OSV
OSV
added 2025/06/03 11:15 a.m.5 views

CVE-2025-5492

A vulnerability has been found in D-Link DI-500WF-WT up to 20250511 and classified as critical. Affected by this vulnerability is the function sub456DE8 of the file /mspinfo.htm?flag=cmd of the component /usr/sbin/jhttpd. The manipulation of the argument cmd leads to command injection. The attack...

8.8CVSS5.5AI score0.02886EPSS
Exploits0References4
NVD
NVD
added 2025/06/03 11:15 a.m.10 views

CVE-2025-5492

A vulnerability has been found in D-Link DI-500WF-WT up to 20250511 and classified as critical. Affected by this vulnerability is the function sub456DE8 of the file /mspinfo.htm?flag=cmd of the component /usr/sbin/jhttpd. The manipulation of the argument cmd leads to command injection. The attack...

8.8CVSS0.02886EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/06/03 10:31 a.m.18 views

CVE-2025-5492 D-Link DI-500WF-WT /usr/sbin/jhttpd msp_info.htm sub_456DE8 command injection

A vulnerability has been found in D-Link DI-500WF-WT up to 20250511 and classified as critical. Affected by this vulnerability is the function sub456DE8 of the file /mspinfo.htm?flag=cmd of the component /usr/sbin/jhttpd. The manipulation of the argument cmd leads to command injection. The attack...

6.5CVSS0.02886EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/06/03 10:31 a.m.6 views

CVE-2025-5492 D-Link DI-500WF-WT /usr/sbin/jhttpd msp_info.htm sub_456DE8 command injection

A vulnerability has been found in D-Link DI-500WF-WT up to 20250511 and classified as critical. Affected by this vulnerability is the function sub456DE8 of the file /mspinfo.htm?flag=cmd of the component /usr/sbin/jhttpd. The manipulation of the argument cmd leads to command injection. The attack...

6.5CVSS6.9AI score0.02886EPSS
Exploits0References4
CVE
CVE
added 2025/06/03 10:31 a.m.64 views

CVE-2025-5492

Summary: CVE-2025-5492 affects D-Link DI-500WF-WT up to 20250511. The flaw is in /usr/sbin/jhttpd, within the function sub_456DE8 of /msp_info.htm?flag=cmd, where manipulating the cmd parameter enables remote command injection. Several sources confirm the impact and vulnerable endpoint; exploitat...

8.8CVSS6.9AI score0.02886EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder