EUVD-2025-26310

Malicious code in bioql PyPI...

EUVD-2025-20699

Malicious code in bioql PyPI...

CVE-2025-9745

A security vulnerability has been detected in D-Link DI-500WF 14.04.10A1T. The impacted element is an unknown function of the file /versionupgrade.asp of the component jhttpd. The manipulation of the argument path leads to os command injection. The attack may be initiated remotely. The exploit ha...

D-Link DI-500WF os Command Injection Vulnerability

The D-Link DI-500WF is a panel type wireless access point AP, mainly used to build wireless network coverage environment, supports 802.11n protocol with a theoretical maximum transmission rate of 150Mbps. The D-Link DI-500WF suffers from an os command injection vulnerability that stems from the...

CVE-2025-9745

A security vulnerability has been detected in D-Link DI-500WF 14.04.10A1T. The impacted element is an unknown function of the file /versionupgrade.asp of the component jhttpd. The manipulation of the argument path leads to os command injection. The attack may be initiated remotely. The exploit ha...

CVE-2025-9745

A security vulnerability has been detected in D-Link DI-500WF 14.04.10A1T. The impacted element is an unknown function of the file /versionupgrade.asp of the component jhttpd. The manipulation of the argument path leads to os command injection. The attack may be initiated remotely. The exploit ha...

CVE-2025-9745 D-Link DI-500WF jhttpd version_upgrade.asp os command injection

A security vulnerability has been detected in D-Link DI-500WF 14.04.10A1T. The impacted element is an unknown function of the file /versionupgrade.asp of the component jhttpd. The manipulation of the argument path leads to os command injection. The attack may be initiated remotely. The exploit ha...

CVE-2025-9745 D-Link DI-500WF jhttpd version_upgrade.asp os command injection

A security vulnerability has been detected in D-Link DI-500WF 14.04.10A1T. The impacted element is an unknown function of the file /versionupgrade.asp of the component jhttpd. The manipulation of the argument path leads to os command injection. The attack may be initiated remotely. The exploit ha...

CVE-2025-9745

CVE-2025-9745 affects D-Link DI-500WF (firmware 14.04.10A1T). The vulnerability is in jhttpd’s /version_upgrade.asp where manipulating the path argument enables an OS command injection. Exploitation is remote and publicly disclosed (at least a PoC exists). Connected sources corroborate the affect...

PT-2025-35426

Name of the Vulnerable Software and Affected Versions: D-Link DI-500WF version 14.04.10A1T Description: A security issue has been identified in D-Link DI-500WF. The vulnerability resides in an unknown function within the /version upgrade.asp file of the jhttpd component. Manipulation of the path...

D-Link DI-500WF 安全漏洞

The D-Link DI-500WF is a panel type wireless access point AP, mainly used to build wireless network coverage environment, supports 802.11n protocol with a theoretical maximum transmission rate of 150Mbps. The D-Link DI-500WF suffers from an os command injection vulnerability that stems from the...

CVE-2025-7194

A vulnerability was found in D-Link DI-500WF 17.04.10A1T. It has been declared as critical. Affected by this vulnerability is the function sprintf of the file ipposition.asp of the component jhttpd. The manipulation of the argument ip leads to stack-based buffer overflow. The attack can be launch...

CVE-2025-7194

A vulnerability was found in D-Link DI-500WF 17.04.10A1T. It has been declared as critical. Affected by this vulnerability is the function sprintf of the file ipposition.asp of the component jhttpd. The manipulation of the argument ip leads to stack-based buffer overflow. The attack can be launch...

CVE-2025-7194 D-Link DI-500WF jhttpd ip_position.asp sprintf stack-based overflow

A vulnerability was found in D-Link DI-500WF 17.04.10A1T. It has been declared as critical. Affected by this vulnerability is the function sprintf of the file ipposition.asp of the component jhttpd. The manipulation of the argument ip leads to stack-based buffer overflow. The attack can be launch...

CVE-2025-7194

CVE-2025-7194 affects D-Link DI-500WF (version 17.04.10A1T). The vulnerability resides in the jhttpd component’s file ip_position.asp where unvalidated input to the sprintf call leads to a stack-based buffer overflow. It is exploitable remotely over the network and an exploit has been publicly di...

CVE-2025-7194 D-Link DI-500WF jhttpd ip_position.asp sprintf stack-based overflow

A vulnerability was found in D-Link DI-500WF 17.04.10A1T. It has been declared as critical. Affected by this vulnerability is the function sprintf of the file ipposition.asp of the component jhttpd. The manipulation of the argument ip leads to stack-based buffer overflow. The attack can be launch...

D-Link DI-500WF 安全漏洞

D-Link DI-500WF is a panel type wireless AP access point, designed with international wireless standards, supporting 2.4GHz band, wireless transmission speed up to 300Mbps, in line with the green concept. A buffer overflow vulnerability exists in the D-Link DI-500WF. The vulnerability stems from...

PT-2025-28737 · D Link · D-Link Di-500Wf

Name of the Vulnerable Software and Affected Versions: D-Link DI-500WF version 17.04.10A1T Description: A critical issue affects the sprintf function of the ip position.asp file in the jhttpd component. Manipulation of the ip argument leads to a stack-based buffer overflow. This issue can be...

CVE-2025-5492

A vulnerability has been found in D-Link DI-500WF-WT up to 20250511 and classified as critical. Affected by this vulnerability is the function sub456DE8 of the file /mspinfo.htm?flag=cmd of the component /usr/sbin/jhttpd. The manipulation of the argument cmd leads to command injection. The attack...

CVE-2025-5492

A vulnerability has been found in D-Link DI-500WF-WT up to 20250511 and classified as critical. Affected by this vulnerability is the function sub456DE8 of the file /mspinfo.htm?flag=cmd of the component /usr/sbin/jhttpd. The manipulation of the argument cmd leads to command injection. The attack...