Dlink Di-7100G C1 Firmware vulnerabilities

5 known vulnerabilities affecting dlink/di-7100g_c1_firmware.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2026-2194MEDIUMCVSS 5.3v24.04.18d12026-02-09
CVE-2026-2194 [MEDIUM] CWE-74 CVE-2026-2194: A flaw has been found in D-Link DI-7100G C1 24.04.18D1. This affects the function start_proxy_client A flaw has been found in D-Link DI-7100G C1 24.04.18D1. This affects the function start_proxy_client_email. Executing a manipulation can lead to command injection. The attack can be executed remotely. The exploit has been published and may be used.
nvd
CVE-2026-2193MEDIUMCVSS 5.3v24.04.18d12026-02-08
CVE-2026-2193 [MEDIUM] CWE-74 CVE-2026-2193: A vulnerability was detected in D-Link DI-7100G C1 24.04.18D1. Affected by this issue is the functio A vulnerability was detected in D-Link DI-7100G C1 24.04.18D1. Affected by this issue is the function set_jhttpd_info. Performing a manipulation of the argument usb_username results in command injection. Remote exploitation of the attack is possible.
nvd
CVE-2025-11339HIGHCVSS 7.4v2025-09-282025-10-06
CVE-2025-11339 [HIGH] CWE-119 CVE-2025-11339: A vulnerability has been found in D-Link DI-7100G C1 up to 20250928. This issue affects the function A vulnerability has been found in D-Link DI-7100G C1 up to 20250928. This issue affects the function sub_4BD4F8 of the file /webchat/hi_block.asp of the component jhttpd. The manipulation of the argument popupId leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
nvd
CVE-2025-11338HIGHCVSS 7.4v2025-09-282025-10-06
CVE-2025-11338 [HIGH] CWE-119 CVE-2025-11338: A flaw has been found in D-Link DI-7100G C1 up to 20250928. This vulnerability affects the function A flaw has been found in D-Link DI-7100G C1 up to 20250928. This vulnerability affects the function sub_4C0990 of the file /webchat/login.cgi of the component jhttpd. Executing manipulation of the argument openid can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has been published and may be used.
nvd
CVE-2025-11335MEDIUMCVSS 5.1v2025-09-282025-10-06
CVE-2025-11335 [MEDIUM] CWE-74 CVE-2025-11335: A weakness has been identified in D-Link DI-7100G C1 up to 20250928. Affected by this vulnerability A weakness has been identified in D-Link DI-7100G C1 up to 20250928. Affected by this vulnerability is the function sub_46409C of the file /msp_info.htm?flag=qos of the component jhttpd. This manipulation of the argument iface causes command injection. The attack is possible to be carried out remotely. The exploit has been made available to the public
nvd