CVE-2025-12313 | D-Link DI-7001 MINI 19.09.19A1/24.04.18B1 /msp_info.htm cmd command injection

Inserito da Angelo Barbosa | Ott 26, 2025 | CVE

A vulnerability was found in D-Link DI-7001 MINI 19.09.19A1/24.04.18B1 and classified as critical. The affected element is an unknown function of the file /msp_info.htm. Such manipulation of the argument cmd leads to command injection.

This vulnerability is traded as CVE-2025-12313. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2025-12313 | D-Link DI-7001 MINI 19.09.19A1/24.04.18B1 /msp_info.htm cmd command injection

Post correlati

CVE-2024-11732 | BP Profile Shortcodes Extra Plugin up to 2.6.0 on WordPress Shortcode tab sql injection

CVE-2024-6426 | MESbook 20221021.03 API information disclosure

CVE-2025-11339 | D-Link DI-7100G C1 up to 20250928 jhttpd /webchat/hi_block.asp sub_4BD4F8 popupId buffer overflow

CVE-2024-39905 | Cog-Creators Red-DiscordBot up to 3.5.9 can_manage_channel authorization (GHSA-5jq8-q6rj-9gq4)