Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-52222 | 1 Dlink | 18 Di-8003, Di-8003 Firmware, Di-8003g and 15 more | 2026-04-14 | N/A | 7.5 HIGH |
| D-Link DI-8003 v16.07.26A1, DI-8500 v16.07.26A1; DI-8003G v17.12.21A1, DI-8200G v17.12.20A1, DI-8200 v16.07.26A1, DI-8400 v16.07.26A1, DI-8004w v16.07.26A1, DI-8100 v16.07.26A1, and DI-8100G v17.12.20A1 were discovered to contain a buffer overflow via the rd_en, rd_auth, rd_acct, http_hadmin, http_hadminpwd, rd_key, and rd_ip parameters in the radius_asp function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-9938 | 1 Dlink | 2 Di-8400, Di-8400 Firmware | 2025-09-29 | 9.0 HIGH | 8.8 HIGH |
| A weakness has been identified in D-Link DI-8400 16.07.26A1. The affected element is the function yyxz_dlink_asp of the file /yyxz.asp. This manipulation of the argument ID causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited. | |||||
| CVE-2025-8175 | 1 Dlink | 2 Di-8400, Di-8400 Firmware | 2025-09-16 | 6.8 MEDIUM | 6.5 MEDIUM |
| A vulnerability was found in D-Link DI-8400 16.07.26A1. It has been classified as problematic. This affects an unknown part of the file usb_paswd.asp of the component jhttpd. The manipulation of the argument share_enable leads to null pointer dereference. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-52739 | 1 Dlink | 2 Di-8400, Di-8400 Firmware | 2025-05-09 | N/A | 8.0 HIGH |
| D-LINK DI-8400 v16.07.26A1 was discovered to contain multiple remote command execution (RCE) vulnerabilities in the msp_info_htm function via the flag and cmd parameters. | |||||
| CVE-2024-44400 | 1 Dlink | 2 Di-8400, Di-8400 Firmware | 2024-10-11 | N/A | 9.8 CRITICAL |
| A vulnerability was discovered in DI_8400-16.07.26A1, which has been classified as critical. This issue affects the upgrade_filter_asp function in the upgrade_filter.asp file. Manipulation of the path parameter can lead to command injection. | |||||