Search criteria
4 vulnerabilities found for di-8100g by dlink
VAR-202409-0401
Vulnerability from variot - Updated: 2025-08-15 23:30D-Link DI-8100G 17.12.20A1 is vulnerable to Command Injection via sub47A60C function in the upgrade_filter.asp file. D-Link Systems, Inc. of di-8100g Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The D-Link DI-8100G is a broadband router designed for small and medium-sized network environments. It supports multi-line bandwidth stacking, PPPoE/WEB authentication and billing, intelligent traffic control, and Internet behavior management. An attacker could exploit this vulnerability to submit a specially crafted request and execute arbitrary commands
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202409-0401",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "di-8100g",
"scope": "eq",
"trust": 1.0,
"vendor": "dlink",
"version": "17.12.20a1"
},
{
"model": "di-8100g",
"scope": "eq",
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "di-8100g",
"scope": "eq",
"trust": 0.8,
"vendor": "d link",
"version": "di-8100g firmware 17.12.20a1"
},
{
"model": "di-8100g",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "di-8100g 17.12.20a1",
"scope": null,
"trust": 0.6,
"vendor": "d link",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-18432"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-007985"
},
{
"db": "NVD",
"id": "CVE-2024-44401"
}
]
},
"cve": "CVE-2024-44401",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2025-18432",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2024-44401",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2024-44401",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2024-44401",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-44401",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2024-44401",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2025-18432",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-18432"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-007985"
},
{
"db": "NVD",
"id": "CVE-2024-44401"
},
{
"db": "NVD",
"id": "CVE-2024-44401"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "D-Link DI-8100G 17.12.20A1 is vulnerable to Command Injection via sub47A60C function in the upgrade_filter.asp file. D-Link Systems, Inc. of di-8100g Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The D-Link DI-8100G is a broadband router designed for small and medium-sized network environments. It supports multi-line bandwidth stacking, PPPoE/WEB authentication and billing, intelligent traffic control, and Internet behavior management. An attacker could exploit this vulnerability to submit a specially crafted request and execute arbitrary commands",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-44401"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-007985"
},
{
"db": "CNVD",
"id": "CNVD-2025-18432"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-44401",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2024-007985",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2025-18432",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-18432"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-007985"
},
{
"db": "NVD",
"id": "CVE-2024-44401"
}
]
},
"id": "VAR-202409-0401",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-18432"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-18432"
}
]
},
"last_update_date": "2025-08-15T23:30:35.974000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "Command injection (CWE-77) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-007985"
},
{
"db": "NVD",
"id": "CVE-2024-44401"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://github.com/lonelylonglong/openfile-/blob/main/d-link_di_8100ga1_command_injection.md/d-link_di_8100ga1_command_injection.md"
},
{
"trust": 1.8,
"url": "https://github.com/lonelylonglong/openfile-/blob/main/d-link_di_8100ga1_command_injection.md/cve-2024-44401"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-44401"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-18432"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-007985"
},
{
"db": "NVD",
"id": "CVE-2024-44401"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-18432"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-007985"
},
{
"db": "NVD",
"id": "CVE-2024-44401"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-08-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-18432"
},
{
"date": "2024-09-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-007985"
},
{
"date": "2024-09-06T16:15:03.110000",
"db": "NVD",
"id": "CVE-2024-44401"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-08-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-18432"
},
{
"date": "2024-09-13T05:47:00",
"db": "JVNDB",
"id": "JVNDB-2024-007985"
},
{
"date": "2024-09-12T16:09:45.050000",
"db": "NVD",
"id": "CVE-2024-44401"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "D-Link\u00a0Systems,\u00a0Inc.\u00a0 of \u00a0di-8100g\u00a0 Command injection vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-007985"
}
],
"trust": 0.8
}
}
VAR-202409-0358
Vulnerability from variot - Updated: 2025-08-15 23:10D-Link DI-8100G 17.12.20A1 is vulnerable to Command Injection via msp_info.htm. D-Link Systems, Inc. of di-8100g Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The D-Link DI-8100G is a broadband router designed for small and medium-sized network environments. It supports multi-line bandwidth aggregation, PPPoE/WEB authentication and billing, intelligent traffic control, and Internet behavior management.
The D-Link DI-8100G suffers from a command injection vulnerability in the msp_info.htm file, allowing an attacker to submit specially crafted requests and execute arbitrary commands
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202409-0358",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "di-8100g",
"scope": "eq",
"trust": 1.0,
"vendor": "dlink",
"version": "17.12.20a1"
},
{
"model": "di-8100g",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "di-8100g",
"scope": "eq",
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "di-8100g",
"scope": "eq",
"trust": 0.8,
"vendor": "d link",
"version": "di-8100g firmware 17.12.20a1"
},
{
"model": "di-8100g 17.12.20a1",
"scope": null,
"trust": 0.6,
"vendor": "d link",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-18433"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-007708"
},
{
"db": "NVD",
"id": "CVE-2024-44402"
}
]
},
"cve": "CVE-2024-44402",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2025-18433",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2024-44402",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2024-44402",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2024-44402",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-44402",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2024-44402",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2025-18433",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-18433"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-007708"
},
{
"db": "NVD",
"id": "CVE-2024-44402"
},
{
"db": "NVD",
"id": "CVE-2024-44402"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "D-Link DI-8100G 17.12.20A1 is vulnerable to Command Injection via msp_info.htm. D-Link Systems, Inc. of di-8100g Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The D-Link DI-8100G is a broadband router designed for small and medium-sized network environments. It supports multi-line bandwidth aggregation, PPPoE/WEB authentication and billing, intelligent traffic control, and Internet behavior management. \n\nThe D-Link DI-8100G suffers from a command injection vulnerability in the msp_info.htm file, allowing an attacker to submit specially crafted requests and execute arbitrary commands",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-44402"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-007708"
},
{
"db": "CNVD",
"id": "CNVD-2025-18433"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-44402",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2024-007708",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2025-18433",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-18433"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-007708"
},
{
"db": "NVD",
"id": "CVE-2024-44402"
}
]
},
"id": "VAR-202409-0358",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-18433"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-18433"
}
]
},
"last_update_date": "2025-08-15T23:10:34.987000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "Command injection (CWE-77) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-007708"
},
{
"db": "NVD",
"id": "CVE-2024-44402"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://github.com/lonelylonglong/openfile-/blob/main/msp.md/msp.md"
},
{
"trust": 1.8,
"url": "https://github.com/lonelylonglong/openfile-/blob/main/msp.md/cve-2024-44402"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-44402"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-18433"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-007708"
},
{
"db": "NVD",
"id": "CVE-2024-44402"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-18433"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-007708"
},
{
"db": "NVD",
"id": "CVE-2024-44402"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-08-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-18433"
},
{
"date": "2024-09-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-007708"
},
{
"date": "2024-09-06T16:15:03.183000",
"db": "NVD",
"id": "CVE-2024-44402"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-08-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-18433"
},
{
"date": "2024-09-11T00:41:00",
"db": "JVNDB",
"id": "JVNDB-2024-007708"
},
{
"date": "2024-09-10T16:58:57.847000",
"db": "NVD",
"id": "CVE-2024-44402"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "D-Link\u00a0Systems,\u00a0Inc.\u00a0 of \u00a0di-8100g\u00a0 Command injection vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-007708"
}
],
"trust": 0.8
}
}
VAR-202505-2312
Vulnerability from variot - Updated: 2025-06-03 23:20D-link DI-8100 16.07.26A1 is vulnerable to Command Injection. An attacker can exploit this vulnerability by crafting specific HTTP requests, triggering the command execution flaw and gaining the highest privilege shell access to the firmware system. D-Link Systems, Inc. of di-8100g Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DI-8100 is a broadband router designed by D-Link for small and medium-sized network environments. The vulnerability is caused by the lack of strict input filtering in the logic code
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202505-2312",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "di-8100g",
"scope": "eq",
"trust": 1.0,
"vendor": "dlink",
"version": "16.07.26a1"
},
{
"model": "di-8100g",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "di-8100g",
"scope": "eq",
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "di-8100g",
"scope": "eq",
"trust": 0.8,
"vendor": "d link",
"version": "di-8100g firmware 16.07.26a1"
},
{
"model": "d-link di-8100 16.07.26a1",
"scope": null,
"trust": 0.6,
"vendor": "d link",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-10943"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-006084"
},
{
"db": "NVD",
"id": "CVE-2025-44084"
}
]
},
"cve": "CVE-2025-44084",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2025-10943",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2025-44084",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2025-006084",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2025-44084",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "OTHER",
"id": "JVNDB-2025-006084",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2025-10943",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-10943"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-006084"
},
{
"db": "NVD",
"id": "CVE-2025-44084"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "D-link DI-8100 16.07.26A1 is vulnerable to Command Injection. An attacker can exploit this vulnerability by crafting specific HTTP requests, triggering the command execution flaw and gaining the highest privilege shell access to the firmware system. D-Link Systems, Inc. of di-8100g Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DI-8100 is a broadband router designed by D-Link for small and medium-sized network environments. The vulnerability is caused by the lack of strict input filtering in the logic code",
"sources": [
{
"db": "NVD",
"id": "CVE-2025-44084"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-006084"
},
{
"db": "CNVD",
"id": "CNVD-2025-10943"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2025-44084",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2025-006084",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2025-10943",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-10943"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-006084"
},
{
"db": "NVD",
"id": "CVE-2025-44084"
}
]
},
"id": "VAR-202505-2312",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-10943"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-10943"
}
]
},
"last_update_date": "2025-06-03T23:20:39.229000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "Command injection (CWE-77) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-006084"
},
{
"db": "NVD",
"id": "CVE-2025-44084"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2025-44084"
},
{
"trust": 1.0,
"url": "https://github.com/piposy/iotsec/blob/main/dlink/di8100/di8100-a1-2.md"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-10943"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-006084"
},
{
"db": "NVD",
"id": "CVE-2025-44084"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-10943"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-006084"
},
{
"db": "NVD",
"id": "CVE-2025-44084"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-10943"
},
{
"date": "2025-06-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2025-006084"
},
{
"date": "2025-05-20T17:15:49.007000",
"db": "NVD",
"id": "CVE-2025-44084"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-10943"
},
{
"date": "2025-06-02T03:23:00",
"db": "JVNDB",
"id": "JVNDB-2025-006084"
},
{
"date": "2025-05-30T16:19:21.193000",
"db": "NVD",
"id": "CVE-2025-44084"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "D-Link\u00a0Systems,\u00a0Inc.\u00a0 of \u00a0di-8100g\u00a0 Command injection vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-006084"
}
],
"trust": 0.8
}
}
VAR-202505-1775
Vulnerability from variot - Updated: 2025-06-01 23:12A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been declared as critical. This vulnerability affects the function ctxz_asp of the file /ctxz.asp of the component Connection Limit Page. The manipulation of the argument def/defTcp/defUdp/defIcmp/defOther leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. D-Link Systems, Inc. of di-8100g An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DI-8100 is a wireless broadband router designed for small and medium-sized network environments by D-Link, a Chinese company.
D-Link DI-8100 has a buffer overflow vulnerability, which is caused by the failure to properly verify the length of the input data in the parameter def/defTcp/defUdp/defIcmp/defOther in the file /ctx.asp. Attackers can use this vulnerability to execute arbitrary code on the system or cause a denial of service
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202505-1775",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "di-8100g",
"scope": "eq",
"trust": 1.0,
"vendor": "dlink",
"version": "16.07.26a1"
},
{
"model": "di-8100g",
"scope": "eq",
"trust": 0.8,
"vendor": "d link",
"version": "di-8100g firmware 16.07.26a1"
},
{
"model": "di-8100g",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "di-8100g",
"scope": "eq",
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "di-8100 16.07.26a1",
"scope": null,
"trust": 0.6,
"vendor": "d link",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11163"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-005462"
},
{
"db": "NVD",
"id": "CVE-2025-4883"
}
]
},
"cve": "CVE-2025-4883",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "MULTIPLE",
"author": "cna@vuldb.com",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.4,
"id": "CVE-2025-4883",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:M/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Multiple",
"author": "OTHER",
"availabilityImpact": "Complete",
"baseScore": 8.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2025-005462",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:M/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "MULTIPLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.4,
"id": "CNVD-2025-11163",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:M/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cna@vuldb.com",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"id": "CVE-2025-4883",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.2,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2025-005462",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "cna@vuldb.com",
"id": "CVE-2025-4883",
"trust": 1.0,
"value": "High"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2025-4883",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2025-005462",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2025-11163",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11163"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-005462"
},
{
"db": "NVD",
"id": "CVE-2025-4883"
},
{
"db": "NVD",
"id": "CVE-2025-4883"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been declared as critical. This vulnerability affects the function ctxz_asp of the file /ctxz.asp of the component Connection Limit Page. The manipulation of the argument def/defTcp/defUdp/defIcmp/defOther leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. D-Link Systems, Inc. of di-8100g An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DI-8100 is a wireless broadband router designed for small and medium-sized network environments by D-Link, a Chinese company. \n\nD-Link DI-8100 has a buffer overflow vulnerability, which is caused by the failure to properly verify the length of the input data in the parameter def/defTcp/defUdp/defIcmp/defOther in the file /ctx.asp. Attackers can use this vulnerability to execute arbitrary code on the system or cause a denial of service",
"sources": [
{
"db": "NVD",
"id": "CVE-2025-4883"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-005462"
},
{
"db": "CNVD",
"id": "CNVD-2025-11163"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2025-4883",
"trust": 3.2
},
{
"db": "VULDB",
"id": "309436",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2025-005462",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2025-11163",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11163"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-005462"
},
{
"db": "NVD",
"id": "CVE-2025-4883"
}
]
},
"id": "VAR-202505-1775",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11163"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11163"
}
]
},
"last_update_date": "2025-06-01T23:12:54.322000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.0
},
{
"problemtype": "CWE-121",
"trust": 1.0
},
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "Buffer error (CWE-119) [ others ]",
"trust": 0.8
},
{
"problemtype": " Stack-based buffer overflow (CWE-121) [ others ]",
"trust": 0.8
},
{
"problemtype": " Out-of-bounds writing (CWE-787) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-005462"
},
{
"db": "NVD",
"id": "CVE-2025-4883"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://github.com/yhuanhuan01/di-8100_vulnerability_report/blob/main/di-8100-vulnerability_report_ctxz.md"
},
{
"trust": 1.8,
"url": "https://vuldb.com/?id.309436"
},
{
"trust": 1.8,
"url": "https://vuldb.com/?submit.576392"
},
{
"trust": 1.8,
"url": "https://www.dlink.com/"
},
{
"trust": 1.0,
"url": "https://vuldb.com/?ctiid.309436"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2025-4883"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-11163"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-005462"
},
{
"db": "NVD",
"id": "CVE-2025-4883"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-11163"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-005462"
},
{
"db": "NVD",
"id": "CVE-2025-4883"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-11163"
},
{
"date": "2025-05-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2025-005462"
},
{
"date": "2025-05-18T15:15:18",
"db": "NVD",
"id": "CVE-2025-4883"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-11163"
},
{
"date": "2025-05-22T03:05:00",
"db": "JVNDB",
"id": "JVNDB-2025-005462"
},
{
"date": "2025-05-21T19:38:13.727000",
"db": "NVD",
"id": "CVE-2025-4883"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "D-Link\u00a0Systems,\u00a0Inc.\u00a0 of \u00a0di-8100g\u00a0 Out-of-bounds write vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-005462"
}
],
"trust": 0.8
}
}