D-Link Di-500Wf vulnerabilities
2 known vulnerabilities affecting d-link/di-500wf.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2025-9745P2HIGHCVSS 7.2v14.04.10A1T2025-08-31
CVE-2025-9745 [HIGH] CWE-77 CVE-2025-9745: A security vulnerability has been detected in D-Link DI-500WF 14.04.10A1T. The impacted element is a
A security vulnerability has been detected in D-Link DI-500WF 14.04.10A1T. The impacted element is an unknown function of the file /version_upgrade.asp of the component jhttpd. The manipulation of the argument path leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used.
nvd
CVE-2025-7194P2HIGHCVSS 8.8v17.04.10A1T2025-07-08
CVE-2025-7194 [HIGH] CWE-119 CVE-2025-7194: A vulnerability was found in D-Link DI-500WF 17.04.10A1T. It has been declared as critical. Affected
A vulnerability was found in D-Link DI-500WF 17.04.10A1T. It has been declared as critical. Affected by this vulnerability is the function sprintf of the file ip_position.asp of the component jhttpd. The manipulation of the argument ip leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public
nvd