CVE-2025-7194 | D-Link DI-500WF 17.04.10A1T jhttpd ip_position.asp sprintf ip stack-based overflow

Inserito da Angelo Barbosa | Lug 7, 2025 | CVE

A vulnerability was found in D-Link DI-500WF 17.04.10A1T. It has been declared as critical. Affected by this vulnerability is the function sprintf of the file ip_position.asp of the component jhttpd. The manipulation of the argument ip leads to stack-based buffer overflow.

This vulnerability is known as CVE-2025-7194. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2025-7194 | D-Link DI-500WF 17.04.10A1T jhttpd ip_position.asp sprintf ip stack-based overflow

Post correlati

CVE-2022-49086 | Linux Kernel up to 5.17.2 openvswitch memory leak

CVE-2024-41753 | IBM Cloud Pak for Business Automation up to 24.0.0 IF004/24.0.1 IF001 Web UI cross site scripting

CVE-2023-7200 | EventON Plugin up to 4.4.0 on WordPress cross site scripting

CVE-2024-26156 | ETIC Telecom Remote Access Server RAS up to 4.5.0 method cross site scripting (icsa-22-307-01)