D-Link Di-8100 vulnerabilities

14 known vulnerabilities affecting d-link/di-8100.

Total CVEs
14
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH11MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2025-10440MEDIUMCVSS 5.3v16.07.26A1v17.12.20A1+1 more2025-09-15
CVE-2025-10440 [MEDIUM] CWE-77 CVE-2025-10440: A vulnerability has been found in D-Link DI-8100, DI-8100G, DI-8200, DI-8200G, DI-8003 and DI-8003G A vulnerability has been found in D-Link DI-8100, DI-8100G, DI-8200, DI-8200G, DI-8003 and DI-8003G 16.07.26A1/17.12.20A1/19.12.10A1. Affected by this vulnerability is the function sub_4621DC of the file usb_paswd.asp of the component jhttpd. The manipulation of the argument hname leads to os command injection. The attack may be initiated remotely. Th
cvelistv5nvd
CVE-2025-7908HIGHCVSS 7.4v1.02025-07-20
CVE-2025-7908 [HIGH] CWE-119 CVE-2025-7908: A vulnerability was found in D-Link DI-8100 1.0. It has been declared as critical. Affected by this A vulnerability was found in D-Link DI-8100 1.0. It has been declared as critical. Affected by this vulnerability is the function sprintf of the file /ddns.asp?opt=add of the component jhttpd. The manipulation of the argument mx leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may
cvelistv5nvd
CVE-2025-7911HIGHCVSS 7.4v1.02025-07-20
CVE-2025-7911 [HIGH] CWE-119 CVE-2025-7911: A vulnerability classified as critical was found in D-Link DI-8100 1.0. This vulnerability affects t A vulnerability classified as critical was found in D-Link DI-8100 1.0. This vulnerability affects the function sprintf of the file /upnp_ctrl.asp of the component jhttpd. The manipulation of the argument remove_ext_proto/remove_ext_port leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the pub
cvelistv5nvd
CVE-2025-7790HIGHCVSS 7.4v16.07.26A12025-07-18
CVE-2025-7790 [HIGH] CWE-119 CVE-2025-7790: A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been classified as critical. This aff A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been classified as critical. This affects an unknown part of the file /menu_nat.asp of the component HTTP Request Handler. The manipulation of the argument out_addr/in_addr/out_port/proto leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has be
cvelistv5nvd
CVE-2025-7762HIGHCVSS 7.4v16.07.26A12025-07-17
CVE-2025-7762 [HIGH] CWE-119 CVE-2025-7762: A vulnerability, which was classified as critical, has been found in D-Link DI-8100 16.07.26A1. This A vulnerability, which was classified as critical, has been found in D-Link DI-8100 16.07.26A1. This issue affects some unknown processing of the file /menu_nat_more.asp of the component HTTP Request Handler. The manipulation leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may
cvelistv5nvd
CVE-2025-7602HIGHCVSS 7.3v16.07.26A12025-07-14
CVE-2025-7602 [HIGH] CWE-119 CVE-2025-7602: A vulnerability was found in D-Link DI-8100 16.07.26A1 and classified as critical. This issue affect A vulnerability was found in D-Link DI-8100 16.07.26A1 and classified as critical. This issue affects some unknown processing of the file /arp_sys.asp of the component HTTP Request Handler. The manipulation leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
cvelistv5nvd
CVE-2025-7603HIGHCVSS 7.3v16.07.26A12025-07-14
CVE-2025-7603 [HIGH] CWE-119 CVE-2025-7603: A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been classified as critical. Affected A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been classified as critical. Affected is an unknown function of the file /jingx.asp of the component HTTP Request Handler. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
cvelistv5nvd
CVE-2025-6881HIGHCVSS 7.4v16.07.212025-06-30
CVE-2025-6881 [HIGH] CWE-119 CVE-2025-6881: A vulnerability was found in D-Link DI-8100 16.07.21. It has been rated as critical. Affected by thi A vulnerability was found in D-Link DI-8100 16.07.21. It has been rated as critical. Affected by this issue is some unknown functionality of the file /pppoe_base.asp of the component jhttpd. The manipulation of the argument mschap_en leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be us
cvelistv5nvd
CVE-2025-5228HIGHCVSS 8.7v202505232025-05-27
CVE-2025-5228 [HIGH] CWE-119 CVE-2025-5228: A vulnerability was found in D-Link DI-8100 up to 20250523. It has been classified as critical. Affe A vulnerability was found in D-Link DI-8100 up to 20250523. It has been classified as critical. Affected is the function httpd_get_parm of the file /login.cgi of the component jhttpd. The manipulation of the argument notify leads to stack-based buffer overflow. The attack can only be initiated within the local network. The exploit has been disclosed to
cvelistv5nvd
CVE-2025-4883HIGHCVSS 8.6v16.07.26A12025-05-18
CVE-2025-4883 [HIGH] CWE-119 CVE-2025-4883: A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been declared as critical. This vulne A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been declared as critical. This vulnerability affects the function ctxz_asp of the file /ctxz.asp of the component Connection Limit Page. The manipulation of the argument def/defTcp/defUdp/defIcmp/defOther leads to stack-based buffer overflow. The attack can be initiated remotely. The exploi
cvelistv5nvd
CVE-2025-4544HIGHCVSS 7.5v16.07.26A12025-05-11
CVE-2025-4544 [HIGH] CWE-119 CVE-2025-4544: A vulnerability was found in D-Link DI-8100 up to 16.07.26A1 and classified as critical. This issue A vulnerability was found in D-Link DI-8100 up to 16.07.26A1 and classified as critical. This issue affects some unknown processing of the file /ddos.asp of the component jhttpd. The manipulation of the argument def_max/def_time/def_tcp_max/def_tcp_time/def_udp_max/def_udp_time/def_icmp_max leads to stack-based buffer overflow. The attack may be initiate
cvelistv5nvd
CVE-2025-3538HIGHCVSS 8.7v16.07.26A12025-04-13
CVE-2025-3538 [HIGH] CWE-119 CVE-2025-3538: A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been rated as critical. This issue af A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been rated as critical. This issue affects the function auth_asp of the file /auth.asp of the component jhttpd. The manipulation of the argument callback leads to stack-based buffer overflow. The attack needs to be approached within the local network. The exploit has been disclosed to the pu
cvelistv5nvd
CVE-2024-7833MEDIUMCVSS 5.3v16.072024-08-15
CVE-2024-7833 [MEDIUM] CWE-77 CVE-2024-7833: A vulnerability was found in D-Link DI-8100 16.07. It has been classified as critical. This affects A vulnerability was found in D-Link DI-8100 16.07. It has been classified as critical. This affects the function upgrade_filter_asp of the file upgrade_filter.asp. The manipulation of the argument path leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
cvelistv5nvd
CVE-2024-7436MEDIUMCVSS 5.3v16.072024-08-03
CVE-2024-7436 [MEDIUM] CWE-77 CVE-2024-7436: A vulnerability, which was classified as critical, has been found in D-Link DI-8100 16.07. This issu A vulnerability, which was classified as critical, has been found in D-Link DI-8100 16.07. This issue affects the function msp_info_htm of the file msp_info.htm. The manipulation of the argument cmd leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273521 w
cvelistv5nvd