CNNVD-202602-1173 Information

CNNVD ID

CNNVD-202602-1173

Related CVE

CVE-2026-2193

• CNNVD Published: 2026-02-08

Description (Chinese)

D-Link DI-7100G是中国友讯（D-Link）公司的一款无线路由器。 D-Link DI-7100G C1 24.04.18D1版本存在命令注入漏洞，该漏洞源于对函数set_jhttpd_info的参数usb_username操作不当，可能导致命令注入。

Description (English)

D-Link DI-7100G is a wireless router of D-Link. The D-Link DI-7100G C1 24.04.18D1 version contains a command-injecting loophole, which results from inappropriate operation of the parameter for function set jhttpd info, usb username, which may lead to the command-injection.

Hazard Level

High

Vulnerability Type

命令注入

Affected Vendor

友讯

Published

2026-02-08

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.344896 https://github.com/glkfc/IoT-Vulnerability/blob/main/D-Link/Dlink_4.md https://vuldb.com/?submit.749803 https://www.dlink.com/ https://vuldb.com/?id.344896 https://access.redhat.com/security/cve/cve-2026-2193