Lucene search
K

6 matches found

CNNVD
CNNVD
added 2025/12/30 12:0 a.m.6 views

D-Link DI-7400G+ 命令注入漏洞

The D-Link DI-7400G+ is a router from China AUO D-Link. A command injection vulnerability exists in the D-Link DI-7400G+ version 19.12.25A1, which stems from incorrect manipulation of the parameter cmd in the file /mspinfo.htm?flag=cmd, which can lead to command injection...

9.8CVSS6.9AI score0.03801EPSS
Exploits1References5
CVE
CVE
added 2025/09/01 8:2 a.m.19 views

CVE-2025-9769

The CVE-2025-9769 vulnerability affects D-Link DI-7400G+ (firmware 19.12.25A1). It is triggered by the function sub_478D28 in /mng_platform.asp, where manipulating the addr argument with the input echo 12345 > poc.txt leads to a command injection. This can enable an attacker to run arbitrary c...

6.2CVSS4.7AI score0.25875EPSS
Exploits1References6Affected Software1
CNNVD
CNNVD
added 2025/09/01 12:0 a.m.3 views

D-Link DI-7400G+ 安全漏洞

The D-Link DI-7400G+ is a router from China-based AUO D-Link. A security vulnerability exists in the D-Link DI-7400G+ version 19.12.25A1, which originates from a command injection due to incorrect operation of the parameter addr in the file /mngplatform.asp...

6.2CVSS5.3AI score0.25875EPSS
Exploits1References7
CNNVD
CNNVD
added 2025/06/30 12:0 a.m.4 views

D-Link DI-7300G+ 命令注入漏洞

The D-Link DI-7300G+ is a ruggedized enterprise-grade smart gateway from China's AUO D-Link. A command injection vulnerability exists in the D-Link DI-7300G+ version 19.12.25A1, which stems from the incorrect operation of the parameter url in the file wgettest.asp resulting in os command injectio...

8.8CVSS6.9AI score0.0406EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/06/30 12:0 a.m.5 views

PT-2025-27421 · D Link · D-Link Di-7300G+

Name of the Vulnerable Software and Affected Versions: D-Link DI-7300G+ version 19.12.25A1 Description: A critical issue was found in the httpd debug.asp file, where the manipulation of the Time argument leads to os command injection. The exploit has been disclosed to the public and may be used...

9.8CVSS7.9AI score0.03413EPSS
Exploits0References11
CNNVD
CNNVD
added 2025/06/30 12:0 a.m.4 views

D-Link DI-7300G+ 命令注入漏洞

D-Link DI-7300G+ is a ruggedized enterprise-grade smart gateway from China AUO D-Link. A command injection vulnerability exists in the D-Link DI-7300G+ version 19.12.25A1, which stems from the incorrect operation of the parameters proxysrv, proxylanport, proxylanip, and proxysrvport in the file...

8.8CVSS6.9AI score0.08981EPSS
Exploits0References6
Rows per page
Query Builder