CNNVD-202507-3274 Information
CNNVD ID
CNNVD-202507-3274
Related CVE
- CNNVD Published: 2025-07-25
Description (Chinese)
D-Link DSP-W215是中国友讯(D-Link)公司的一款智能插头产品。 D-Link DSP-W215 1.02版本存在安全漏洞,该漏洞源于my_cgi.cgi组件处理HTTP POST请求不当,可能导致栈缓冲区溢出和远程代码执行。
Description (English)
D-Link DSP-W215 is a smart plug-in for the Chinese company D-Link. There is a security loophole in version D-Link DSP-W215 1.02, which stems from the inappropriate handling of HTTP POST requests by the My cgi.cgi component, which may result in spilling over the buffer zone and remote code implementation.
Hazard Level
Low
Vulnerability Type
其他
Affected Vendor
友讯
Published
2025-07-25
Last Modified
2026-02-24
References
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/ http://www.devttys0.com/2014/05/hacking-the-dspw215-again/ https://web.archive.org/web/20140525215526/ https://www.exploit-db.com/exploits/34063 https://www.fortiguard.com/encyclopedia/ips/38932/d-link-info-cgi-post-request-buffer-overflow https://www.vulncheck.com/advisories/dlink-stack-based-buffer-overflow-rce https://access.redhat.com/security/cve/cve-2014-125117
Share on: