CVE-2025-7194 | D-Link DI-500WF 17.04.10A1T jhttpd ip_position.asp sprintf ip stack-based overflow

Inserito da Angelo Barbosa | Lug 7, 2025 | CVE

A vulnerability was found in D-Link DI-500WF 17.04.10A1T. It has been declared as critical. Affected by this vulnerability is the function sprintf of the file ip_position.asp of the component jhttpd. The manipulation of the argument ip leads to stack-based buffer overflow.

This vulnerability is known as CVE-2025-7194. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2025-7194 | D-Link DI-500WF 17.04.10A1T jhttpd ip_position.asp sprintf ip stack-based overflow

Post correlati

CVE-2025-32405 | RT-Labs P-Net up to 1.0.1 RPC Packet out-of-bounds write

CVE-2025-27106 | chrisleekr binance-trading-bot prior 0.0.100 Restore Endpoint os command injection (GHSA-wq6j-4388-4gg5)

CVE-2024-46948 | Northern.tech Mender up to 3.6.4/3.7.4 access control

CVE-2025-22214 | Landray EIS up to 2006 fi_message_receiver.aspx replyid sql injection