D-Link DI-7001 MINI 命令注入漏洞

The D-Link DI-7001 MINI is a multi-functional intelligent gateway from China AUO D-Link. A command injection vulnerability exists in the D-Link DI-7001 MINI version 19.09.19A1 and version 24.04.18B1, which stems from incorrect manipulation of the parameter cmd in the file /mspinfo.htm, which coul...

CVE-2025-5492

A vulnerability has been found in D-Link DI-500WF-WT up to 20250511 and classified as critical. Affected by this vulnerability is the function sub456DE8 of the file /mspinfo.htm?flag=cmd of the component /usr/sbin/jhttpd. The manipulation of the argument cmd leads to command injection. The attack...

The vulnerability of the msp_info_htm() function in D-Link DI-8200 router microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the mspinfohtm function in D-Link DI-8200 router microprogramming software is related to the execution of operations outside the buffer during the processing of the flag and cmd parameters. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

The vulnerability of the msp_info_htm function in D-Link DI-8400 router microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the mspinfohtm function in D-Link DI-8400 router microprogramming software is related to the lack of measures taken to neutralize special elements used in commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands when processing the flag a...

D-Link DI-8200 安全漏洞

The D-Link DI-8200 is an enterprise router from China-based AUO D-Link. The D-Link DI-8200 suffers from a command injection vulnerability that stems from a remote command execution vulnerability in the flag parameter and cmd parameter of the mspinfohtm function. No details of the vulnerability ar...

PT-2024-8579 · D Link · D-Link Di-8400

Name of the Vulnerable Software and Affected Versions: D-LINK DI-8400 version 16.07.26A1 Description: The issue is related to the msp info htm function in the D-LINK DI-8400 router's firmware, which does not properly neutralize special elements used in a command. This can be exploited by a remote...

The vulnerability of the msp_info_htm function in D-Link DI-8300 router microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the mspinfohtm function in D-Link DI-8300 router microprogramming software is related to incorrect code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands using the GET request...

PT-2024-6374 · D Link · D-Link Di-8300

Name of the Vulnerable Software and Affected Versions: D-Link DI-8300 version 16.07.26A1 Description: The issue is related to the msp info htm function in the D-Link DI-8300 router's firmware, which is vulnerable to command injection. This vulnerability can be exploited by a remote attacker to...

WAYOS FBM-291W 安全漏洞

WAYOS FBM-291W is a wireless router from WAYOS. A security vulnerability exists in WAYOS FBM-291W version v19.09.11. An attacker can exploit the vulnerability to execute commands via mspinfohtm...

D-Link DI_8004W msp_info_htm Function Command Execution Vulnerability

D-Link DI8004W is an Internet Behavior Management router designed for small and medium-sized businesses by AUO, supporting 40-50 devices to access the network at the same time. The D-Link DI8004W suffers from a command execution vulnerability that stems from the inclusion of the jhttpd mspinfohtm...

The vulnerability of the msp_info_htm() function in the msp_info.htm file of the D-Link DI-8100 router’s microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the mspinfohtm function in the mspinfo.htm file of the D-Link DI-8100 router’s microprogramming system is related to the lack of data cleaning at the control level when processing the cmd parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

D-Link DI-8100 命令注入漏洞

D-Link DI-8100 is a wireless broadband router designed for small and medium-sized network environments from China AUO D-Link. A command injection vulnerability exists in the D-Link DI-8100 version 16.07, which originates in the mspinfohtm function of the file mspinfo.htm, where manipulation of th...

PT-2024-5385 · D Link · D-Link Di-8100

Name of the Vulnerable Software and Affected Versions: D-Link DI-8100 version 16.07 Description: A critical issue has been found in the function msp info htm of the file msp info.htm, related to inadequate data sanitization on the management level when processing the cmd parameter. This can lead ...