CVE-2025-9938
- EPSS 0.11%
- Published 03.09.2025 23:32:10
- Last modified 29.09.2025 18:30:16
A weakness has been identified in D-Link DI-8400 16.07.26A1. The affected element is the function yyxz_dlink_asp of the file /yyxz.asp. This manipulation of the argument ID causes stack-based buffer overflow. It is possible to initiate the attack rem...
CVE-2025-8175
- EPSS 0.13%
- Published 26.07.2025 03:15:25
- Last modified 16.09.2025 18:34:57
A vulnerability was found in D-Link DI-8400 16.07.26A1. It has been classified as problematic. This affects an unknown part of the file usb_paswd.asp of the component jhttpd. The manipulation of the argument share_enable leads to null pointer derefer...
- EPSS 0.54%
- Published 20.11.2024 18:15:23
- Last modified 09.05.2025 14:09:43
D-LINK DI-8400 v16.07.26A1 was discovered to contain multiple remote command execution (RCE) vulnerabilities in the msp_info_htm function via the flag and cmd parameters.
CVE-2024-44400
- EPSS 14.93%
- Published 04.09.2024 13:15:06
- Last modified 11.10.2024 17:15:03
A vulnerability was discovered in DI_8400-16.07.26A1, which has been classified as critical. This issue affects the upgrade_filter_asp function in the upgrade_filter.asp file. Manipulation of the path parameter can lead to command injection.