CNNVD-202510-812 Information

CNNVD ID

CNNVD-202510-812

Related CVE

CVE-2025-11335

• CNNVD Published: 2025-10-06

Description (Chinese)

D-Link DI-7100G是中国友讯（D-Link）公司的一款无线路由器。 D-Link DI-7100G 20250928及之前版本存在命令注入漏洞，该漏洞源于对文件/msp_info.htm?flag=qos中参数iface的错误操作，可能导致命令注入攻击。

Description (English)

D-Link DI-7100G is a wireless router of D-Link. D-Link DI-7100G 20250928 and earlier versions had a command-injecting loophole, which stemmed from an error in the parameter face in the document/msp info.htm?flag=qos, which could lead to an order-injecting attack.

Hazard Level

High

Vulnerability Type

命令注入

Affected Vendor

友讯

Published

2025-10-06

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.327218 https://vuldb.com/?id.327218 https://vuldb.com/?submit.664597 https://www.dlink.com/ https://www.yuque.com/jh0ng/vmpda6/fpqlhpkb0orgseav https://www.yuque.com/jh0ng/vmpda6/fpqlhpkb0orgseav#DOhrV