CVE-2023-45572

Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and...

CVE-2025-15357

A vulnerability was found in D-Link DI-7400G+ 19.12.25A1. This affects an unknown function of the file /mspinfo.htm?flag=cmd. The manipulation of the argument cmd results in command injection. The attack can be launched remotely. The exploit has been made public and could be used...

CVE-2025-15357

A vulnerability was found in D-Link DI-7400G+ 19.12.25A1. This affects an unknown function of the file /mspinfo.htm?flag=cmd. The manipulation of the argument cmd results in command injection. The attack can be launched remotely. The exploit has been made public and could be used...

CVE-2025-15357 D-Link DI-7400G+ msp_info.htm command injection

A vulnerability was found in D-Link DI-7400G+ 19.12.25A1. This affects an unknown function of the file /mspinfo.htm?flag=cmd. The manipulation of the argument cmd results in command injection. The attack can be launched remotely. The exploit has been made public and could be used...

CVE-2025-15357 D-Link DI-7400G+ msp_info.htm command injection

A vulnerability was found in D-Link DI-7400G+ 19.12.25A1. This affects an unknown function of the file /mspinfo.htm?flag=cmd. The manipulation of the argument cmd results in command injection. The attack can be launched remotely. The exploit has been made public and could be used...

CVE-2025-15357

The CVE-2025-15357 issue affects D-Link DI-7400G+ with firmware 19.12.25A1. The vulnerability lies in function handling of /msp_info.htm?flag=cmd, where improper manipulation of the cmd parameter enables remote command injection. Exploitation is publicly available (PoC). Depending on the CVSS sou...

D-Link DI-7400G+ 命令注入漏洞

The D-Link DI-7400G+ is a router from China AUO D-Link. A command injection vulnerability exists in the D-Link DI-7400G+ version 19.12.25A1, which stems from incorrect manipulation of the parameter cmd in the file /mspinfo.htm?flag=cmd, which can lead to command injection...

PT-2025-54228

A vulnerability was found in D-Link DI-7400G+ 19.12.25A1. This affects an unknown function of the file /msp info.htm?flag=cmd. The manipulation of the argument cmd results in command injection. The attack can be launched remotely. The exploit has been made public and could be used...

Exploit for Command Injection in Dlink Di-7400G\+_Firmware

CVE-2025-57105 D-Link DI-7400G+ Command Injection Ove...

EUVD-2023-49867

Malicious code in bioql PyPI...

EUVD-2025-28889

Malicious code in bioql PyPI...

CVE-2025-9769

A security flaw has been discovered in D-Link DI-7400G+ 19.12.25A1. Affected is the function sub478D28 of the file /mngplatform.asp. The manipulation of the argument addr with the input echo 12345 poc.txt results in command injection. An attack on the physical device is feasible. The exploit has...

CVE-2025-9769

A security flaw has been discovered in D-Link DI-7400G+ 19.12.25A1. Affected is the function sub478D28 of the file /mngplatform.asp. The manipulation of the argument addr with the input echo 12345 poc.txt results in command injection. An attack on the physical device is feasible. The exploit has...

CVE-2025-9769 D-Link DI-7400G+ mng_platform.asp sub_478D28 command injection

A security flaw has been discovered in D-Link DI-7400G+ 19.12.25A1. Affected is the function sub478D28 of the file /mngplatform.asp. The manipulation of the argument addr with the input echo 12345 poc.txt results in command injection. An attack on the physical device is feasible. The exploit has...

D-Link DI-7400G+ 安全漏洞

The D-Link DI-7400G+ is a router from China-based AUO D-Link. A security vulnerability exists in the D-Link DI-7400G+ version 19.12.25A1, which originates from a command injection due to incorrect operation of the parameter addr in the file /mngplatform.asp...

CVE-2025-57105

CVE-2025-57105 affects the D-Link DI-7400G+ router. The vulnerability resides in the jhttpd-based code paths mng_platform.asp and wayos_ac_server.asp, where the GET parameter addr/ac_mng_srv_host is written to NVRAM and then passed to system(), enabling command execution. Prerequisites observed i...

The vulnerability of the CGI function in D-Link router microprogramming devices such as DI-7003GV2, DI-7100G+V2, DI-7100GV2, DI-7200GV2, DI-7300G+V2, and DI-7400G+V2 allows attackers to execute arbitrary commands.

The vulnerability of the CGI function in D-Link router microprogramming devices such as DI-7003GV2, DI-7100G+V2, DI-7100GV2, DI-7200GV2, DI-7300G+V2, and DI-7400G+V2 exists due to the lack of measures taken to neutralize the special elements used in the operating system commands. Exploiting this...

D-Link多款产品 安全漏洞

D-Link DI-7003G and others are a wireless router from China AUO D-Link. A security vulnerability exists in various D-Link products, which stems from insufficient parameter filtering in the CGI handler function of upgradefilter.asp. The following products and versions are affected: D-Link DI-7003G...

CVE-2023-45575

Stack Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and...

CVE-2023-45572

Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and...