EUVD-2026-33693

A vulnerability was detected in D-Link DI-7001 MINI up to 19.09.19A1. Impacted is the function sprintf of the file /httpddebug.asp of the component API. The manipulation of the argument Time results in stack-based buffer overflow. The attack may be performed from remote. The exploit is now public...

CVE-2025-12313

The CVE concerns D-Link DI-7001 MINI devices with firmware versions 19.09.19A1 and 24.04.18B1. The vulnerability is a command injection in the /msp_info.htm file, caused by improper handling of the cmd parameter in an unknown function. It is described as exploitable remotely and publicly disclose...

EUVD-2025-36343

A vulnerability has been found in D-Link DI-7001 MINI 19.09.19A1/24.04.18B1. The affected element is an unknown function of the file /mspinfo.htm. Such manipulation of the argument cmd leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public an...

CVE-2025-12313 D-Link DI-7001 MINI msp_info.htm command injection

A vulnerability has been found in D-Link DI-7001 MINI 19.09.19A1/24.04.18B1. The affected element is an unknown function of the file /mspinfo.htm. Such manipulation of the argument cmd leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public an...

CVE-2025-12313 D-Link DI-7001 MINI msp_info.htm command injection

A vulnerability has been found in D-Link DI-7001 MINI 19.09.19A1/24.04.18B1. The affected element is an unknown function of the file /mspinfo.htm. Such manipulation of the argument cmd leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public an...

D-Link DI-7001 MINI 命令注入漏洞

The D-Link DI-7001 MINI is a multi-functional intelligent gateway from China AUO D-Link. A command injection vulnerability exists in the D-Link DI-7001 MINI version 19.09.19A1 and version 24.04.18B1, which stems from incorrect manipulation of the parameter cmd in the file /mspinfo.htm, which coul...

D-Link DI-7001 MINI OS Command Injection Vulnerability

D-Link DI-7001 MINI is a multi-functional intelligent gateway from China AUO D-Link. The D-Link DI-7001 MINI suffers from an operating system command injection vulnerability that can be exploited by an attacker to execute arbitrary code on the system...

D-Link DI-7001 MINI Buffer Overflow Vulnerability

D-Link DI-7001 MINI is a multi-functional intelligent gateway from China AUO D-Link. The D-Link DI-7001 MINI suffers from a buffer overflow vulnerability, which is caused by incorrect bounds checking of functions in the file /dbsrv.asp. An attacker could exploit the vulnerability to execute...

CVE-2025-11407

CVE-2025-11407 affects D-Link DI-7001 MINI (firmware 24.04.18B1). The vulnerability is in the upgrade_filter.asp component where manipulation of the path argument leads to OS command injection. Attack could be initiated remotely, and public exploits exist. Some sources do not provide a confirmed ...

D-Link DI-7001 MINI 操作系统命令注入漏洞

D-Link DI-7001 MINI is a multi-functional intelligent gateway from China AUO D-Link. The D-Link DI-7001 MINI suffers from an operating system command injection vulnerability that can be exploited by an attacker to execute arbitrary code on the system...