PT-2025-37463

Name of the Vulnerable Software and Affected Versions: D-Link DI-8100 versions 16.07.26A1, 17.12.20A1, and 19.12.10A1 D-Link DI-8100G versions 16.07.26A1, 17.12.20A1, and 19.12.10A1 D-Link DI-8200 versions 16.07.26A1, 17.12.20A1, and 19.12.10A1 D-Link DI-8200G versions 16.07.26A1, 17.12.20A1, and...

CVE-2025-9745

A security vulnerability has been detected in D-Link DI-500WF 14.04.10A1T. The impacted element is an unknown function of the file /versionupgrade.asp of the component jhttpd. The manipulation of the argument path leads to os command injection. The attack may be initiated remotely. The exploit ha...

CVE-2025-9745

A security vulnerability has been detected in D-Link DI-500WF 14.04.10A1T. The impacted element is an unknown function of the file /versionupgrade.asp of the component jhttpd. The manipulation of the argument path leads to os command injection. The attack may be initiated remotely. The exploit ha...

The vulnerability of the usb_paswd.asp file in the jhttpd component of D-Link DI-8400 router software allows a hacker to induce a service failure.

The vulnerability of the usbpaswd.asp file of the jhttpd component in D-Link DI-8400 router microprogramming software is related to pointer swapping errors. Exploiting this vulnerability can allow a malicious actor to cause service failure remotely...

The vulnerability of the /pppoe_base.asp file of the jhttpd component of D-link DI-8100 router software allows a hacker to execute arbitrary code.

The vulnerability of the /pppoebase.asp file of the jhttpd component of D-link DI-8100 router microprogramming software is related to buffer overflow in the stack. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

CVE-2025-8175

A vulnerability was found in D-Link DI-8400 16.07.26A1. It has been classified as problematic. This affects an unknown part of the file usbpaswd.asp of the component jhttpd. The manipulation of the argument shareenable leads to null pointer dereference. It is possible to initiate the attack...

D-Link DI-8400 Null Pointer Dereference Vulnerability

D-Link DI-8400 is an Internet Behavior Management router from D-Link designed for medium to large enterprise network environments, supporting 360 users with parallel access and full Gigabit port configuration. The D-Link DI-8400 suffers from a null pointer dereference vulnerability that originate...

CVE-2025-8175

A vulnerability was found in D-Link DI-8400 16.07.26A1. It has been classified as problematic. This affects an unknown part of the file usbpaswd.asp of the component jhttpd. The manipulation of the argument shareenable leads to null pointer dereference. It is possible to initiate the attack...

PT-2025-30946 · D Link · D-Link Di-8400

Name of the Vulnerable Software and Affected Versions: D-Link DI-8400 version 16.07.26A1 Description: A vulnerability exists in the jhttpd component of the software. The manipulation of the share enable argument in the usb paswd.asp file leads to a null pointer dereference. This issue can be...

CVE-2025-7908

A vulnerability was found in D-Link DI-8100 1.0. It has been declared as critical. Affected by this vulnerability is the function sprintf of the file /ddns.asp?opt=add of the component jhttpd. The manipulation of the argument mx leads to stack-based buffer overflow. The attack can be launched...

D-Link DI-8100 安全漏洞

The D-Link DI-8100 is an enterprise-class router from D-Link. A buffer overflow vulnerability exists in the D-Link DI-8100 version 1.0, which originates from an insufficient checksum of parameter mx in the sprintf function in the /ddns.asp?opt=add file of component jhttpd. The vulnerability can b...

D-Link DI-8100 安全漏洞

The D-Link DI-8100 is an enterprise-class router device from D-Link. A buffer overflow vulnerability exists in the D-Link DI-8100 version 1.0, which originates from the improper handling of the parameters removeextproto/removeextport by the sprintf function in the /upnpctrl.asp file of the...

PT-2025-30219 · D Link · Di-8100

Name of the Vulnerable Software and Affected Versions: D-Link DI-8100 version 1.0 Description: A critical issue exists in the D-Link DI-8100 device. The sprintf function within the /ddns.asp?opt=add file, part of the jhttpd component, is susceptible to a stack-based buffer overflow. Manipulation ...

D-Link DI-500WF 安全漏洞

D-Link DI-500WF is a panel type wireless AP access point, designed with international wireless standards, supporting 2.4GHz band, wireless transmission speed up to 300Mbps, in line with the green concept. A buffer overflow vulnerability exists in the D-Link DI-500WF. The vulnerability stems from...

CVE-2025-6881

A vulnerability was found in D-Link DI-8100 16.07.21. It has been rated as critical. Affected by this issue is some unknown functionality of the file /pppoebase.asp of the component jhttpd. The manipulation of the argument mschapen leads to buffer overflow. The attack may be launched remotely. Th...

PT-2025-28737 · D Link · D-Link Di-500Wf

Name of the Vulnerable Software and Affected Versions: D-Link DI-500WF version 17.04.10A1T Description: A critical issue affects the sprintf function of the ip position.asp file in the jhttpd component. Manipulation of the ip argument leads to a stack-based buffer overflow. This issue can be...

CVE-2025-6881

A vulnerability was found in D-Link DI-8100 16.07.21. It has been rated as critical. Affected by this issue is some unknown functionality of the file /pppoebase.asp of the component jhttpd. The manipulation of the argument mschapen leads to buffer overflow. The attack may be launched remotely. Th...

CVE-2025-6881 D-Link DI-8100 jhttpd pppoe_base.asp buffer overflow

A vulnerability was found in D-Link DI-8100 16.07.21. It has been rated as critical. Affected by this issue is some unknown functionality of the file /pppoebase.asp of the component jhttpd. The manipulation of the argument mschapen leads to buffer overflow. The attack may be launched remotely. Th...

CVE-2025-5492

A vulnerability has been found in D-Link DI-500WF-WT up to 20250511 and classified as critical. Affected by this vulnerability is the function sub456DE8 of the file /mspinfo.htm?flag=cmd of the component /usr/sbin/jhttpd. The manipulation of the argument cmd leads to command injection. The attack...

CVE-2025-5228

A vulnerability was found in D-Link DI-8100 up to 20250523. It has been classified as critical. Affected is the function httpdgetparm of the file /login.cgi of the component jhttpd. The manipulation of the argument notify leads to stack-based buffer overflow. The attack can only be initiated with...