CVE-2025-11407
published 2025-10-07CVE-2025-11407: A weakness has been identified in D-Link DI-7001 MINI 24.04.18B1. Impacted is an unknown function of the file /upgrade_filter.asp. This manipulation of the…
low2.1CVSS 4.0
AVNACLATNPRLUINVCLVILVALSCNSINSANEPCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
A weakness has been identified in D-Link DI-7001 MINI 24.04.18B1. Impacted is an unknown function of the file /upgrade_filter.asp. This manipulation of the argument path causes os command injection. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| d-link | di-7001_mini | — | — |
| dlink | di-7001mini-8g_firmware | — | — |
| msrc | azl3_grpc_1.62.0-4_on_azure_linux_3.0 | — | — |
| msrc | azl3_grpc_1.62.3-1_on_azure_linux_3.0 | — | — |