← Back

Di 8400 Firmware

di-8400_firmware

Vendor: Dlink • 5 CVEs

CVEs (5)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2025-52222
1Dlink
9Di 8003 Firmware
Di 8003g FirmwareDi 8100 Firmware+6 more
Apr 14, 2026
Apr 8, 2026
N/A· v4
7.5 HIGH· v3
N/A· v2
D-Link DI-8003 v16.07.26A1, DI-8500 v16.07.26A1; DI-8003G v17.12.21A1, DI-8200G v17.12.20A1, DI-8200 v16.07.26A1, DI-8400 v16.07.26A1, DI-8004w v16.07.26A1, DI-8100 v16.07.26A1, and DI-8100G v17.12.20A1 were discovered t...Show more
D-Link DI-8003 v16.07.26A1, DI-8500 v16.07.26A1; DI-8003G v17.12.21A1, DI-8200G v17.12.20A1, DI-8200 v16.07.26A1, DI-8400 v16.07.26A1, DI-8004w v16.07.26A1, DI-8100 v16.07.26A1, and DI-8100G v17.12.20A1 were discovered to contain a buffer overflow via the rd_en, rd_auth, rd_acct, http_hadmin, http_hadminpwd, rd_key, and rd_ip parameters in the radius_asp function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.Show less
CVE-2025-9938
1Dlink
1Di 8400 Firmware
Sep 29, 2025
Sep 4, 2025
7.4 HIGH· v4
8.8 HIGH· v3
9.0 HIGH· v2
A weakness has been identified in D-Link DI-8400 16.07.26A1. The affected element is the function yyxz_dlink_asp of the file /yyxz.asp. This manipulation of the argument ID causes stack-based buffer overflow. It is possi...Show more
A weakness has been identified in D-Link DI-8400 16.07.26A1. The affected element is the function yyxz_dlink_asp of the file /yyxz.asp. This manipulation of the argument ID causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited.Show less
CVE-2025-8175
1Dlink
1Di 8400 Firmware
Apr 29, 2026
Jul 26, 2025
5.7 MEDIUM· v4
7.5 HIGH· v3
6.8 MEDIUM· v2
A vulnerability was found in D-Link DI-8400 16.07.26A1. It has been classified as problematic. This affects an unknown part of the file usb_paswd.asp of the component jhttpd. The manipulation of the argument share_enable...Show more
A vulnerability was found in D-Link DI-8400 16.07.26A1. It has been classified as problematic. This affects an unknown part of the file usb_paswd.asp of the component jhttpd. The manipulation of the argument share_enable leads to null pointer dereference. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2024-52739
1Dlink
1Di 8400 Firmware
May 9, 2025
Nov 20, 2024
N/A· v4
8.0 HIGH· v3
N/A· v2
D-LINK DI-8400 v16.07.26A1 was discovered to contain multiple remote command execution (RCE) vulnerabilities in the msp_info_htm function via the flag and cmd parameters.
CVE-2024-44400
1Dlink
1Di 8400 Firmware
Oct 11, 2024
Sep 4, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
A vulnerability was discovered in DI_8400-16.07.26A1, which has been classified as critical. This issue affects the upgrade_filter_asp function in the upgrade_filter.asp file. Manipulation of the path parameter can lead...Show more
A vulnerability was discovered in DI_8400-16.07.26A1, which has been classified as critical. This issue affects the upgrade_filter_asp function in the upgrade_filter.asp file. Manipulation of the path parameter can lead to command injection.Show less