CVE-2025-5228 | D-Link DI-8100 up to 20250523 jhttpd /login.cgi httpd_get_parm notify stack-based overflow

Inserito da Angelo Barbosa | Mag 26, 2025 | CVE

A vulnerability was found in D-Link DI-8100 up to 20250523. It has been classified as critical. Affected is the function httpd_get_parm of the file /login.cgi of the component jhttpd. The manipulation of the argument notify leads to stack-based buffer overflow.

This vulnerability is traded as CVE-2025-5228. The attack can only be initiated within the local network. Furthermore, there is an exploit available.

CVE-2025-5228 | D-Link DI-8100 up to 20250523 jhttpd /login.cgi httpd_get_parm notify stack-based overflow

Post correlati

CVE-2024-28403 | Totolink X2000R prior 1.0.0-B20231213.1013 VPN Page cross site scripting

CVE-2024-8077 | TOTOLINK AC1200 T8 4.1.5cu.862_B20230228 setTracerouteCfg os command injection

CVE-2025-4031 | PHPGurukul Pre-School Enrollment System 1.0 /admin/aboutus.php pagetitle sql injection

CVE-2024-3665 | Rank Math SEO with AI SEO Tools Plugin up to 1.0.216 on WordPress titleWrapper cross site scripting