CVE-2025-57105

Critical CVSS: 9.8

The DI-7400G+ router has a command injection vulnerability, which allows attackers to execute arbitrary commands on the device. The sub_478D28 function in in mng_platform.asp, and sub_4A12DC function in wayos_ac_server.asp of the jhttpd program, with the parameter ac_mng_srv_host.

Vendor

Dlink

Product

Di-7400g\+ Firmware

CWE

CWE-77

Yayın Tarihi

2025-08-22 17:15:35

Güncelleme

2025-10-02 13:07:11

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-77 Di-7400g\+ Firmware CRITICAL Dlink 2025

Referanslar

http://di-7400.com https://github.com/xyh4ck/iot_poc https://www.dlink.com.cn/techsupport/ProductInfo.aspx?m=DI-7400G%2B https://www.dlink.com/en/security-bulletin/ https://github.com/xyh4ck/iot_poc

Benzer Kayıtlar

Medium

CVE-2026-5312

A weakness has been identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, D…

Medium

CVE-2026-5311

A security flaw has been discovered in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-32…

High

CVE-2026-5214

A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-32…

Medium

CVE-2026-5215

A vulnerability was identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, D…

High

CVE-2026-5213

A vulnerability was determined in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, D…

High

CVE-2026-5212

A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, D…