CVE-2025-7911 | D-Link DI-8100 1.0 jhttpd /upnp_ctrl.asp sprintf remove_ext_proto/remove_ext_port stack-based overflow

Inserito da Angelo Barbosa | Lug 19, 2025 | CVE

A vulnerability classified as critical was found in D-Link DI-8100 1.0. This vulnerability affects the function sprintf of the file /upnp_ctrl.asp of the component jhttpd. The manipulation of the argument remove_ext_proto/remove_ext_port leads to stack-based buffer overflow.

This vulnerability was named CVE-2025-7911. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-7911 | D-Link DI-8100 1.0 jhttpd /upnp_ctrl.asp sprintf remove_ext_proto/remove_ext_port stack-based overflow

Post correlati

CVE-2024-9987 | Artica Pandora FMS up to 777.2 agents_modules_csv filters sql injection

CVE-2024-27029 | Linux Kernel up to 6.7.10/6.8.1 amdgpu out-of-bounds (e1e076bda4fd/1f24b3040f2b/6540ff6482c1)

CVE-2024-5792 | Houzez CRM Plugin up to 1.4.2 on WordPress sql injection

CVE-2024-11179 | MStore API Plugin up to 4.15.7 on WordPress sql injection