CVE-2025-52222
- EPSS 0.02%
- Veröffentlicht 08.04.2026 00:00:00
- Zuletzt bearbeitet 14.04.2026 15:45:21
D-Link DI-8003 v16.07.26A1, DI-8500 v16.07.26A1; DI-8003G v17.12.21A1, DI-8200G v17.12.20A1, DI-8200 v16.07.26A1, DI-8400 v16.07.26A1, DI-8004w v16.07.26A1, DI-8100 v16.07.26A1, and DI-8100G v17.12.20A1 were discovered to contain a buffer overflow vi...
CVE-2025-9938
- EPSS 0.29%
- Veröffentlicht 03.09.2025 23:32:10
- Zuletzt bearbeitet 29.09.2025 18:30:16
A weakness has been identified in D-Link DI-8400 16.07.26A1. The affected element is the function yyxz_dlink_asp of the file /yyxz.asp. This manipulation of the argument ID causes stack-based buffer overflow. It is possible to initiate the attack rem...
CVE-2025-8175
- EPSS 0.28%
- Veröffentlicht 26.07.2025 03:15:25
- Zuletzt bearbeitet 29.04.2026 01:00:01
A vulnerability was found in D-Link DI-8400 16.07.26A1. It has been classified as problematic. This affects an unknown part of the file usb_paswd.asp of the component jhttpd. The manipulation of the argument share_enable leads to null pointer derefer...
- EPSS 3.52%
- Veröffentlicht 20.11.2024 18:15:23
- Zuletzt bearbeitet 09.05.2025 14:09:43
D-LINK DI-8400 v16.07.26A1 was discovered to contain multiple remote command execution (RCE) vulnerabilities in the msp_info_htm function via the flag and cmd parameters.
CVE-2024-44400
- EPSS 39.88%
- Veröffentlicht 04.09.2024 13:15:06
- Zuletzt bearbeitet 11.10.2024 17:15:03
A vulnerability was discovered in DI_8400-16.07.26A1, which has been classified as critical. This issue affects the upgrade_filter_asp function in the upgrade_filter.asp file. Manipulation of the path parameter can lead to command injection.