CVE-2025-57636

OS Command injection vulnerability in D-Link C1 2020-02-21. The sub47F028 function in jhttpd contains a command injection vulnerability via the HTTP parameter "time"...

CVE-2025-57636

OS Command injection vulnerability in D-Link C1 2020-02-21. The sub47F028 function in jhttpd contains a command injection vulnerability via the HTTP parameter "time"...

CVE-2025-57637

Buffer overflow vulnerability in D-Link DI-7100G 2020-02-21 in the sub451754 function of the jhttpd service in the viav4 parameter allowing attackers to cause a denial of service or execute arbitrary code...

CVE-2025-57637

Buffer overflow vulnerability in D-Link DI-7100G 2020-02-21 in the sub451754 function of the jhttpd service in the viav4 parameter allowing attackers to cause a denial of service or execute arbitrary code...

CVE-2025-57637

Buffer overflow vulnerability in D-Link DI-7100G 2020-02-21 in the sub451754 function of the jhttpd service in the viav4 parameter allowing attackers to cause a denial of service or execute arbitrary code...

CVE-2025-57636

The CVE-2025-57636 entry describes an OS command injection in the D-Link C1 device. Affected component: jhttpd; vulnerable function sub_47F028; exploitation via the HTTP parameter time. Impact per PT-2025-39210: potential unauthorized system access. Affected versions are those prior to 2020-02-21...

CVE-2025-57637

CVE-2025-57637 describes a buffer overflow in the D-Link DI-7100G’s jhttpd service, due to improper validation of the viav4 parameter in the sub_451754 function. This can lead to denial of service or arbitrary code execution. Affected product is D-Link DI-7100G (no version details provided). The ...

D-Link DI-7100G 安全漏洞

D-Link DI-7100G is an Internet Behavior Management router for SMBs, supporting Gigabit network transfer rate some models are labeled as 100 Gigabit, equipped with 4 WAN interfaces and 1 LAN interface, built-in USB2.0 ports, and compliant with IEEE802.11n/g/b wireless standard and IEEE802.3 wired...

PT-2025-39210

Name of the Vulnerable Software and Affected Versions D-Link C1 versions prior to 2020-02-21 Description A command injection issue exists in the jhttpd component of the D-Link C1. The sub 47F028 function is susceptible to command injection through the time HTTP parameter. This allows for potentia...

CVE-2025-57637

Buffer overflow vulnerability in D-Link DI-7100G 2020-02-21 in the sub451754 function of the jhttpd service in the viav4 parameter allowing attackers to cause a denial of service or execute arbitrary code...

PT-2025-39204

Name of the Vulnerable Software and Affected Versions D-Link DI-7100G affected versions not specified Description A buffer overflow issue exists in the jhttpd service of the D-Link DI-7100G. The issue is located within the sub 451754 function and involves the viav4 parameter. Successful...

D-Link DI-7100G 安全漏洞

D-Link DI-7100G is an Internet Behavior Management router for SMBs, supporting Gigabit network transfer rate some models are labeled as 100 Gigabit, equipped with 4 WAN interfaces and 1 LAN interface, built-in USB2.0 ports, and compliant with IEEE802.11n/g/b wireless standard and IEEE802.3 wired...

CVE-2025-57636

OS Command injection vulnerability in D-Link C1 2020-02-21. The sub47F028 function in jhttpd contains a command injection vulnerability via the HTTP parameter "time"...

CVE-2025-10440

A vulnerability has been found in D-Link DI-8100, DI-8100G, DI-8200, DI-8200G, DI-8003 and DI-8003G 16.07.26A1/17.12.20A1/19.12.10A1. Affected by this vulnerability is the function sub4621DC of the file usbpaswd.asp of the component jhttpd. The manipulation of the argument hname leads to os comma...

CVE-2025-10441 D-Link DI-8100G/DI-8200G/DI-8003G jhttpd version_upgrade.asp sub_433F7C os command injection

A vulnerability was found in D-Link DI-8100G, DI-8200G and DI-8003G 17.12.20A1/19.12.10A1. Affected by this issue is the function sub433F7C of the file versionupgrade.asp of the component jhttpd. The manipulation of the argument path results in os command injection. The attack may be launched...

CVE-2025-10441

CVE-2025-10441 affects D-Link DI-8100G/DI-8200G/DI-8003G (versions 17.12.20A1 and 19.12.10A1) where the function sub_433F7C in version_upgrade.asp of the jhttpd component mishandles the path argument, resulting in an OS command injection. The issue can be exploited remotely without user interacti...

CVE-2025-10440

A vulnerability has been found in D-Link DI-8100, DI-8100G, DI-8200, DI-8200G, DI-8003 and DI-8003G 16.07.26A1/17.12.20A1/19.12.10A1. Affected by this vulnerability is the function sub4621DC of the file usbpaswd.asp of the component jhttpd. The manipulation of the argument hname leads to os comma...

CVE-2025-10440 D-Link DI-8100/DI-8100G/DI-8200/DI-8200G/DI-8003/DI-8003G jhttpd usb_paswd.asp sub_4621DC os command injection

A vulnerability has been found in D-Link DI-8100, DI-8100G, DI-8200, DI-8200G, DI-8003 and DI-8003G 16.07.26A1/17.12.20A1/19.12.10A1. Affected by this vulnerability is the function sub4621DC of the file usbpaswd.asp of the component jhttpd. The manipulation of the argument hname leads to os comma...

CVE-2025-10440

The CVE-2025-10440 issue affects D-Link DI-8100/DI-8100G/DI-8200/DI-8200G/DI-8003/DI-8003G devices (firmware lines 16.07.26A1, 17.12.20A1, 19.12.10A1) in the jhttpd component. The vulnerability exists in the function sub_4621DC within usb_paswd.asp and stems from improper handling of the hname ar...

CVE-2025-10440 D-Link DI-8100/DI-8100G/DI-8200/DI-8200G/DI-8003/DI-8003G jhttpd usb_paswd.asp sub_4621DC os command injection

A vulnerability has been found in D-Link DI-8100, DI-8100G, DI-8200, DI-8200G, DI-8003 and DI-8003G 16.07.26A1/17.12.20A1/19.12.10A1. Affected by this vulnerability is the function sub4621DC of the file usbpaswd.asp of the component jhttpd. The manipulation of the argument hname leads to os comma...