CVE-2025-57105 — Command Injection in Dlink Di-7400g + Firmware

CWE-77 — Command Injection4 documents4 sources

Severity

9.8CRITICALNVD

EPSS

0.4%

top 38.26%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Dlink Di-7400g + Firmware

Timeline

PublishedAug 22

Description

The DI-7400G+ router has a command injection vulnerability, which allows attackers to execute arbitrary commands on the device. The sub_478D28 function in in mng_platform.asp, and sub_4A12DC function in wayos_ac_server.asp of the jhttpd program, with the parameter ac_mng_srv_host.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

▶NVDdlink/di-7400g_+_firmware19.12.25a1

🔴Vulnerability Details

GHSA

GHSA-wqmc-rmvw-c4mh: The DI-7400G+ router has a command injection vulnerability, which allows attackers to execute arbitrary commands on the device↗2025-08-22

▶

CVEList

CVE-2025-57105: The DI-7400G+ router has a command injection vulnerability, which allows attackers to execute arbitrary commands on the device↗2025-08-22

▶

🔍Detection Rules

Suricata

ET WEB_SPECIFIC_APPS D-Link mng_platform.asp addr Parameter Command Injection Attempt (CVE-2025-57105, CVE-2025-9769)↗2025-08-22

▶