CVE-2023-45572

Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and...

CVE-2025-15357

A vulnerability was found in D-Link DI-7400G+ 19.12.25A1. This affects an unknown function of the file /mspinfo.htm?flag=cmd. The manipulation of the argument cmd results in command injection. The attack can be launched remotely. The exploit has been made public and could be used...

CVE-2025-15357

A vulnerability was found in D-Link DI-7400G+ 19.12.25A1. This affects an unknown function of the file /mspinfo.htm?flag=cmd. The manipulation of the argument cmd results in command injection. The attack can be launched remotely. The exploit has been made public and could be used...

CVE-2025-15357 D-Link DI-7400G+ msp_info.htm command injection

A vulnerability was found in D-Link DI-7400G+ 19.12.25A1. This affects an unknown function of the file /mspinfo.htm?flag=cmd. The manipulation of the argument cmd results in command injection. The attack can be launched remotely. The exploit has been made public and could be used...

CVE-2025-15357 D-Link DI-7400G+ msp_info.htm command injection

A vulnerability was found in D-Link DI-7400G+ 19.12.25A1. This affects an unknown function of the file /mspinfo.htm?flag=cmd. The manipulation of the argument cmd results in command injection. The attack can be launched remotely. The exploit has been made public and could be used...

CVE-2025-15357

The CVE-2025-15357 issue affects D-Link DI-7400G+ with firmware 19.12.25A1. The vulnerability lies in function handling of /msp_info.htm?flag=cmd, where improper manipulation of the cmd parameter enables remote command injection. Exploitation is publicly available (PoC). Depending on the CVSS sou...

PT-2025-54228

A vulnerability was found in D-Link DI-7400G+ 19.12.25A1. This affects an unknown function of the file /msp info.htm?flag=cmd. The manipulation of the argument cmd results in command injection. The attack can be launched remotely. The exploit has been made public and could be used...

D-Link DI-7400G+ 命令注入漏洞

The D-Link DI-7400G+ is a router from China AUO D-Link. A command injection vulnerability exists in the D-Link DI-7400G+ version 19.12.25A1, which stems from incorrect manipulation of the parameter cmd in the file /mspinfo.htm?flag=cmd, which can lead to command injection...

Exploit for Command Injection in Dlink Di-7400G\+_Firmware

CVE-2025-57105 D-Link DI-7400G+ Command Injection Ove...

EUVD-2025-28889

Malicious code in bioql PyPI...

EUVD-2023-49867

Malicious code in bioql PyPI...

CVE-2025-9769

A security flaw has been discovered in D-Link DI-7400G+ 19.12.25A1. Affected is the function sub478D28 of the file /mngplatform.asp. The manipulation of the argument addr with the input echo 12345 poc.txt results in command injection. An attack on the physical device is feasible. The exploit has...

CVE-2025-9769

A security flaw has been discovered in D-Link DI-7400G+ 19.12.25A1. Affected is the function sub478D28 of the file /mngplatform.asp. The manipulation of the argument addr with the input echo 12345 poc.txt results in command injection. An attack on the physical device is feasible. The exploit has...

CVE-2025-9769 D-Link DI-7400G+ mng_platform.asp sub_478D28 command injection

A security flaw has been discovered in D-Link DI-7400G+ 19.12.25A1. Affected is the function sub478D28 of the file /mngplatform.asp. The manipulation of the argument addr with the input echo 12345 poc.txt results in command injection. An attack on the physical device is feasible. The exploit has...

D-Link DI-7400G+ 安全漏洞

The D-Link DI-7400G+ is a router from China-based AUO D-Link. A security vulnerability exists in the D-Link DI-7400G+ version 19.12.25A1, which originates from a command injection due to incorrect operation of the parameter addr in the file /mngplatform.asp...

CVE-2025-57105

CVE-2025-57105 affects the D-Link DI-7400G+ router. The vulnerability resides in the jhttpd-based code paths mng_platform.asp and wayos_ac_server.asp, where the GET parameter addr/ac_mng_srv_host is written to NVRAM and then passed to system(), enabling command execution. Prerequisites observed i...

The vulnerability of the CGI function in D-Link router microprogramming devices such as DI-7003GV2, DI-7100G+V2, DI-7100GV2, DI-7200GV2, DI-7300G+V2, and DI-7400G+V2 allows attackers to execute arbitrary commands.

The vulnerability of the CGI function in D-Link router microprogramming devices such as DI-7003GV2, DI-7100G+V2, DI-7100GV2, DI-7200GV2, DI-7300G+V2, and DI-7400G+V2 exists due to the lack of measures taken to neutralize the special elements used in the operating system commands. Exploiting this...

D-Link多款产品 安全漏洞

D-Link DI-7003G and others are a wireless router from China AUO D-Link. A security vulnerability exists in various D-Link products, which stems from insufficient parameter filtering in the CGI handler function of upgradefilter.asp. The following products and versions are affected: D-Link DI-7003G...

CVE-2023-45572

Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and...

CVE-2023-45575

Stack Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and...