CVE-2025-11338 | D-Link DI-7100G C1 up to 20250928 jhttpd /webchat/login.cgi sub_4C0990 openid buffer overflow

Inserito da Angelo Barbosa | Ott 5, 2025 | CVE

A vulnerability described as critical has been identified in D-Link DI-7100G C1 up to 20250928. This vulnerability affects the function sub_4C0990 of the file /webchat/login.cgi of the component jhttpd. Executing manipulation of the argument openid can lead to buffer overflow.

This vulnerability is registered as CVE-2025-11338. It is possible to launch the attack remotely. Furthermore, an exploit is available.

CVE-2025-11338 | D-Link DI-7100G C1 up to 20250928 jhttpd /webchat/login.cgi sub_4C0990 openid buffer overflow

Post correlati

CVE-2022-45352 | Muffingroup Betheme Plugin up to 26.6.1 on WordPress authorization

CVE-2023-7242 | CISA Ethercat Zeek Plugin Packet Analyzer out-of-bounds (icsa-24-051-02)

CVE-2025-52569 | JuliaWeb GitHub.jl up to 5.9.0 GitHub.repo information disclosure

CVE-2025-4551 | ContiNew Admin up to 3.6.0 /dev-api/common/file File cross site scripting