Lucene search

146 matches found

Vulnrichment
added 2025/05/11 6:31 p.m. · 9 views

CVE-2025-4544 D-Link DI-8100 jhttpd ddos.asp stack-based overflow

A vulnerability was found in D-Link DI-8100 up to 16.07.26A1 and classified as critical. This issue affects some unknown processing of the file /ddos.asp of the component jhttpd. The manipulation of the argument defmax/deftime/deftcpmax/deftcptime/defudpmax/defudptime/deficmpmax leads to...

CVSS 7.5 · AI score 6.7 · EPSS 0.01271
Exploits: 1 · References: 5
CVE
added 2025/05/11 6:31 p.m. · 61 views

CVE-2025-4544

The CVE-2025-4544 entry concerns D-Link DI-8100 (firmware up to 16.07.26A1) with a stack-based overflow in jhttpd handling of /ddos.asp. The root cause is improper handling/validation of def_max/def_time/def_tcp_max/def_tcp_time/def_udp_max/def_udp_time/def_icmp_max parameters, enabling a remote ...

CVSS 7.5 · AI score 6.7 · EPSS 0.01271
Exploits: 1 · References: 5 · Affected Software: 1
Positive Technologies
added 2025/05/11 12:0 a.m. · 3 views

PT-2025-20666 · D Link · D-Link Di-8100

Name of the Vulnerable Software and Affected Versions: D-Link DI-8100 versions up to 16.07.26A1 Description: A critical issue affects the processing of the file /ddos.asp of the component jhttpd. The manipulation of the arguments def max, def time, def tcp max, def tcp time, def udp max, def udp...

CVSS 7.5 · AI score 6.5 · EPSS 0.01271
Exploits: 1 · References: 13
CNVD
added 2025/04/18 12:0 a.m. · 3 views

D-Link DI-8100 Router Stack Buffer Overflow Vulnerability

The D-Link DI-8100 is a broadband router from D-Link designed for small to medium sized network environments. A stack buffer overflow vulnerability exists in the D-Link DI-8100. The vulnerability stems from the authasp function in the /auth.asp file in the jhttpd component not effectively limitin...

CVSS 8.8 · AI score 8.9 · EPSS 0.09383
Exploits: 1 · References: 1
Cvelist
added 2025/04/13 6:31 p.m. · 28 views

CVE-2025-3538 D-Link DI-8100 jhttpd auth.asp auth_asp stack-based overflow

A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been rated as critical. This issue affects the function authasp of the file /auth.asp of the component jhttpd. The manipulation of the argument callback leads to stack-based buffer overflow. The attack needs to be approached within th...

CVSS 8.8 · EPSS 0.09383
Exploits: 1 · References: 5
Positive Technologies
added 2025/03/20 12:0 a.m. · 3 views

PT-2025-16178 · D Link · D-Link Di-8100

Name of the Vulnerable Software and Affected Versions: D-Link DI-8100 version 16.07.26A1 Description: A critical issue affects the function auth asp of the file /auth.asp of the component jhttpd. The manipulation of the argument callback leads to a stack-based buffer overflow. The attack needs to...

CVSS 8.8 · AI score 8.6 · EPSS 0.09383
Exploits: 1 · References: 20
CNVD
added 2024/08/29 12:0 a.m. · 3 views

D-Link DI_8004W upgrade_filter_asp Function Command Execution Vulnerability

D-Link DI8004W is an Internet Behavior Management router from AUO D-Link designed for small and medium-sized businesses, supporting 40-50 devices to access the network at the same time. The D-Link DI8004W suffers from a command execution vulnerability that stems from the jhttpd upgradefilterasp...

CVSS 9.8 · AI score 7.6 · EPSS 0.00818
Exploits: 1 · References: 1
OSV
added 2024/08/23 4:15 p.m. · 1 view

CVE-2024-44381

D-Link DI8004W 16.07.26A1 contains a command execution vulnerability in jhttpd mspinfohtm function...

CVSS 9.8 · AI score 5.9
Exploits: 0 · References: 2
OSV
added 2024/08/23 4:15 p.m. · 2 views

CVE-2024-44382

D-Link DI8004W 16.07.26A1 contains a command execution vulnerability in the jhttpd upgradefilterasp function...

CVSS 9.8 · AI score 5.9 · EPSS 0.00818
Exploits: 1 · References: 2
NVD
added 2024/08/23 4:15 p.m. · 13 views

CVE-2024-44381

D-Link DI8004W 16.07.26A1 contains a command execution vulnerability in jhttpd mspinfohtm function...

CVSS 9.8 · EPSS 0.02906
Exploits: 1 · References: 2
NVD
added 2024/08/23 4:15 p.m. · 17 views

CVE-2024-44382

D-Link DI8004W 16.07.26A1 contains a command execution vulnerability in the jhttpd upgradefilterasp function...

CVSS 9.8 · EPSS 0.00818
Exploits: 1 · References: 2
CVE
added 2024/08/23 12:0 a.m. · 50 views

CVE-2024-44381

CVE-2024-44381 affects the D-Link DI_8004W, specifically the jhttpd module’s msp_info_htm function (firmware 16.07.26A1). The vulnerability enables command execution due to insufficient input filtering/command sanitization in the msp_info_htm code path, with potential impact to confidentiality, i...

CVSS 9.8 · AI score 7.4 · EPSS 0.02906
Exploits: 1 · References: 2 · Affected Software: 1
CVE
added 2024/08/23 12:0 a.m. · 51 views

CVE-2024-44382

Summary (CVE-2024-44382): The vulnerability affects D-Link DI_8004W router firmware version 16.07.26A1. It is a command execution flaw in the jhttpd function upgrade_filter_asp, resulting from failure to properly filter construct command characters. The issue allows arbitrary command execution an...

CVSS 9.8 · AI score 7.4 · EPSS 0.00818
Exploits: 1 · References: 2 · Affected Software: 1
Cvelist
added 2024/08/23 12:0 a.m. · 14 views

CVE-2024-44381

D-Link DI8004W 16.07.26A1 contains a command execution vulnerability in jhttpd mspinfohtm function...

EPSS 0.02906
Exploits: 1 · References: 2
CNNVD
added 2024/08/23 12:0 a.m. · 2 views

D-Link DI_8004W Security Vulnerability

D-Link DI8004W is an Internet Behavior Management router designed for small and medium-sized businesses by AUO, supporting 40-50 devices to access the network at the same time. The D-Link DI8004W suffers from a command execution vulnerability that stems from the inclusion of the jhttpd mspinfohtm...

CVSS 9.8 · AI score 7.5 · EPSS 0.02906
Exploits: 1 · References: 3
Cvelist
added 2024/08/23 12:0 a.m. · 12 views

CVE-2024-44382

D-Link DI8004W 16.07.26A1 contains a command execution vulnerability in the jhttpd upgradefilterasp function...

EPSS 0.00818
Exploits: 1 · References: 2
Vulnrichment
added 2024/08/23 12:0 a.m. · 10 views

CVE-2024-44381

D-Link DI8004W 16.07.26A1 contains a command execution vulnerability in jhttpd mspinfohtm function...

AI score 7.1 · EPSS 0.02906
Exploits: 1 · References: 2
CNNVD
added 2024/08/23 12:0 a.m. · 1 view

D-Link DI_8004W Security Vulnerability

D-Link DI8004W is an Internet Behavior Management router from AUO D-Link designed for small and medium-sized businesses, supporting 40-50 devices to access the network at the same time. The D-Link DI8004W suffers from a command execution vulnerability that stems from the jhttpd upgradefilterasp...

CVSS 9.8 · AI score 7.5 · EPSS 0.00818
Exploits: 1 · References: 3
Vulnrichment
added 2024/08/23 12:0 a.m. · 11 views

CVE-2024-44382

D-Link DI8004W 16.07.26A1 contains a command execution vulnerability in the jhttpd upgradefilterasp function...

AI score 7.1 · EPSS 0.00818
Exploits: 1 · References: 2
Positive Technologies
added 2024/08/06 12:0 a.m. · 2 views

PT-2024-6460 · D Link · D-Link Di 8004W

Name of the Vulnerable Software and Affected Versions: D-Link DI 8004W version 16.07.26A1 Description: The issue is related to a command execution vulnerability in the msp info htm function of the jhttpd module. This vulnerability may allow a remote attacker to execute arbitrary commands. The...

CVSS 9.8 · AI score 7.9 · EPSS 0.02906
Exploits: 1 · References: 13