CVE-2025-10440 (GCVE-0-2025-10440)
Vulnerability from cvelistv5 – Published: 2025-09-15 10:02 – Updated: 2025-09-15 16:27
VLAI?
Title
D-Link DI-8100/DI-8100G/DI-8200/DI-8200G/DI-8003/DI-8003G jhttpd usb_paswd.asp sub_4621DC os command injection
Summary
A vulnerability has been found in D-Link DI-8100, DI-8100G, DI-8200, DI-8200G, DI-8003 and DI-8003G 16.07.26A1/17.12.20A1/19.12.10A1. Affected by this vulnerability is the function sub_4621DC of the file usb_paswd.asp of the component jhttpd. The manipulation of the argument hname leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity ?
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| D-Link | DI-8100 |
Affected:
16.07.26A1
Affected: 17.12.20A1 Affected: 19.12.10A1 |
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
Credits
shiny (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10440",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-15T16:27:43.933970Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-15T16:27:56.083Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"jhttpd"
],
"product": "DI-8100",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "16.07.26A1"
},
{
"status": "affected",
"version": "17.12.20A1"
},
{
"status": "affected",
"version": "19.12.10A1"
}
]
},
{
"modules": [
"jhttpd"
],
"product": "DI-8100G",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "16.07.26A1"
},
{
"status": "affected",
"version": "17.12.20A1"
},
{
"status": "affected",
"version": "19.12.10A1"
}
]
},
{
"modules": [
"jhttpd"
],
"product": "DI-8200",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "16.07.26A1"
},
{
"status": "affected",
"version": "17.12.20A1"
},
{
"status": "affected",
"version": "19.12.10A1"
}
]
},
{
"modules": [
"jhttpd"
],
"product": "DI-8200G",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "16.07.26A1"
},
{
"status": "affected",
"version": "17.12.20A1"
},
{
"status": "affected",
"version": "19.12.10A1"
}
]
},
{
"modules": [
"jhttpd"
],
"product": "DI-8003",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "16.07.26A1"
},
{
"status": "affected",
"version": "17.12.20A1"
},
{
"status": "affected",
"version": "19.12.10A1"
}
]
},
{
"modules": [
"jhttpd"
],
"product": "DI-8003G",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "16.07.26A1"
},
{
"status": "affected",
"version": "17.12.20A1"
},
{
"status": "affected",
"version": "19.12.10A1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "shiny (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in D-Link DI-8100, DI-8100G, DI-8200, DI-8200G, DI-8003 and DI-8003G 16.07.26A1/17.12.20A1/19.12.10A1. Affected by this vulnerability is the function sub_4621DC of the file usb_paswd.asp of the component jhttpd. The manipulation of the argument hname leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "de",
"value": "In D-Link DI-8100, DI-8100G, DI-8200, DI-8200G, DI-8003 and DI-8003G 16.07.26A1/17.12.20A1/19.12.10A1 wurde eine Schwachstelle gefunden. Es betrifft die Funktion sub_4621DC der Datei usb_paswd.asp der Komponente jhttpd. Die Ver\u00e4nderung des Parameters hname resultiert in os command injection. Der Angriff kann remote ausgef\u00fchrt werden. Die Ausnutzung wurde ver\u00f6ffentlicht und kann verwendet werden."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "OS Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-15T10:02:07.376Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-323874 | D-Link DI-8100/DI-8100G/DI-8200/DI-8200G/DI-8003/DI-8003G jhttpd usb_paswd.asp sub_4621DC os command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.323874"
},
{
"name": "VDB-323874 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.323874"
},
{
"name": "Submit #647835 | D-Link D-Link DI-8100\u3001DI-8100G\u3001DI-8200\u3001DI-8200G\u3001DI-8003\u3001DI-8003G DI_8100-16.07.26A1 DI_8100G-17.12.20A1 DI_8200-16.07.26A1 DI_8200G-17.12.20A1 DI_8003-16.07.26A1 DI_8003G-19.12.10A1 OS Command Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.647835"
},
{
"tags": [
"related"
],
"url": "https://github.com/2664521593/mycve/blob/main/D-Link/D-Link_CJ_1.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/2664521593/mycve/blob/main/D-Link/D-Link_CJ_1.md#exp"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-09-14T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-09-14T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-09-14T17:43:54.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DI-8100/DI-8100G/DI-8200/DI-8200G/DI-8003/DI-8003G jhttpd usb_paswd.asp sub_4621DC os command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-10440",
"datePublished": "2025-09-15T10:02:07.376Z",
"dateReserved": "2025-09-14T15:38:46.023Z",
"dateUpdated": "2025-09-15T16:27:56.083Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-10440\",\"sourceIdentifier\":\"cna@vuldb.com\",\"published\":\"2025-09-15T10:15:32.233\",\"lastModified\":\"2025-09-15T15:21:42.937\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability has been found in D-Link DI-8100, DI-8100G, DI-8200, DI-8200G, DI-8003 and DI-8003G 16.07.26A1/17.12.20A1/19.12.10A1. Affected by this vulnerability is the function sub_4621DC of the file usb_paswd.asp of the component jhttpd. The manipulation of the argument hname leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"LOW\",\"vulnIntegrityImpact\":\"LOW\",\"vulnAvailabilityImpact\":\"LOW\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"PROOF_OF_CONCEPT\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":6.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.8,\"impactScore\":3.4}],\"cvssMetricV2\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:P/A:P\",\"baseScore\":6.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-77\"},{\"lang\":\"en\",\"value\":\"CWE-78\"}]}],\"references\":[{\"url\":\"https://github.com/2664521593/mycve/blob/main/D-Link/D-Link_CJ_1.md\",\"source\":\"cna@vuldb.com\"},{\"url\":\"https://github.com/2664521593/mycve/blob/main/D-Link/D-Link_CJ_1.md#exp\",\"source\":\"cna@vuldb.com\"},{\"url\":\"https://vuldb.com/?ctiid.323874\",\"source\":\"cna@vuldb.com\"},{\"url\":\"https://vuldb.com/?id.323874\",\"source\":\"cna@vuldb.com\"},{\"url\":\"https://vuldb.com/?submit.647835\",\"source\":\"cna@vuldb.com\"},{\"url\":\"https://www.dlink.com/\",\"source\":\"cna@vuldb.com\"}]}}",
"vulnrichment": {
"containers": "{\"cna\": {\"providerMetadata\": {\"orgId\": \"1af790b2-7ee1-4545-860a-a788eba489b5\", \"shortName\": \"VulDB\", \"dateUpdated\": \"2025-09-15T10:02:07.376Z\"}, \"title\": \"D-Link DI-8100/DI-8100G/DI-8200/DI-8200G/DI-8003/DI-8003G jhttpd usb_paswd.asp sub_4621DC os command injection\", \"problemTypes\": [{\"descriptions\": [{\"type\": \"CWE\", \"cweId\": \"CWE-78\", \"lang\": \"en\", \"description\": \"OS Command Injection\"}]}, {\"descriptions\": [{\"type\": \"CWE\", \"cweId\": \"CWE-77\", \"lang\": \"en\", \"description\": \"Command Injection\"}]}], \"affected\": [{\"vendor\": \"D-Link\", \"product\": \"DI-8100\", \"versions\": [{\"version\": \"16.07.26A1\", \"status\": \"affected\"}, {\"version\": \"17.12.20A1\", \"status\": \"affected\"}, {\"version\": \"19.12.10A1\", \"status\": \"affected\"}], \"modules\": [\"jhttpd\"]}, {\"vendor\": \"D-Link\", \"product\": \"DI-8100G\", \"versions\": [{\"version\": \"16.07.26A1\", \"status\": \"affected\"}, {\"version\": \"17.12.20A1\", \"status\": \"affected\"}, {\"version\": \"19.12.10A1\", \"status\": \"affected\"}], \"modules\": [\"jhttpd\"]}, {\"vendor\": \"D-Link\", \"product\": \"DI-8200\", \"versions\": [{\"version\": \"16.07.26A1\", \"status\": \"affected\"}, {\"version\": \"17.12.20A1\", \"status\": \"affected\"}, {\"version\": \"19.12.10A1\", \"status\": \"affected\"}], \"modules\": [\"jhttpd\"]}, {\"vendor\": \"D-Link\", \"product\": \"DI-8200G\", \"versions\": [{\"version\": \"16.07.26A1\", \"status\": \"affected\"}, {\"version\": \"17.12.20A1\", \"status\": \"affected\"}, {\"version\": \"19.12.10A1\", \"status\": \"affected\"}], \"modules\": [\"jhttpd\"]}, {\"vendor\": \"D-Link\", \"product\": \"DI-8003\", \"versions\": [{\"version\": \"16.07.26A1\", \"status\": \"affected\"}, {\"version\": \"17.12.20A1\", \"status\": \"affected\"}, {\"version\": \"19.12.10A1\", \"status\": \"affected\"}], \"modules\": [\"jhttpd\"]}, {\"vendor\": \"D-Link\", \"product\": \"DI-8003G\", \"versions\": [{\"version\": \"16.07.26A1\", \"status\": \"affected\"}, {\"version\": \"17.12.20A1\", \"status\": \"affected\"}, {\"version\": \"19.12.10A1\", \"status\": \"affected\"}], \"modules\": [\"jhttpd\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability has been found in D-Link DI-8100, DI-8100G, DI-8200, DI-8200G, DI-8003 and DI-8003G 16.07.26A1/17.12.20A1/19.12.10A1. Affected by this vulnerability is the function sub_4621DC of the file usb_paswd.asp of the component jhttpd. The manipulation of the argument hname leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.\"}, {\"lang\": \"de\", \"value\": \"In D-Link DI-8100, DI-8100G, DI-8200, DI-8200G, DI-8003 and DI-8003G 16.07.26A1/17.12.20A1/19.12.10A1 wurde eine Schwachstelle gefunden. Es betrifft die Funktion sub_4621DC der Datei usb_paswd.asp der Komponente jhttpd. Die Ver\\u00e4nderung des Parameters hname resultiert in os command injection. Der Angriff kann remote ausgef\\u00fchrt werden. Die Ausnutzung wurde ver\\u00f6ffentlicht und kann verwendet werden.\"}], \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 5.3, \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P\", \"baseSeverity\": \"MEDIUM\"}}, {\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 6.3, \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R\", \"baseSeverity\": \"MEDIUM\"}}, {\"cvssV3_0\": {\"version\": \"3.0\", \"baseScore\": 6.3, \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R\", \"baseSeverity\": \"MEDIUM\"}}, {\"cvssV2_0\": {\"version\": \"2.0\", \"baseScore\": 6.5, \"vectorString\": \"AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR\"}}], \"timeline\": [{\"time\": \"2025-09-14T00:00:00.000Z\", \"lang\": \"en\", \"value\": \"Advisory disclosed\"}, {\"time\": \"2025-09-14T02:00:00.000Z\", \"lang\": \"en\", \"value\": \"VulDB entry created\"}, {\"time\": \"2025-09-14T17:43:54.000Z\", \"lang\": \"en\", \"value\": \"VulDB entry last update\"}], \"credits\": [{\"lang\": \"en\", \"value\": \"shiny (VulDB User)\", \"type\": \"reporter\"}], \"references\": [{\"url\": \"https://vuldb.com/?id.323874\", \"name\": \"VDB-323874 | D-Link DI-8100/DI-8100G/DI-8200/DI-8200G/DI-8003/DI-8003G jhttpd usb_paswd.asp sub_4621DC os command injection\", \"tags\": [\"vdb-entry\", \"technical-description\"]}, {\"url\": \"https://vuldb.com/?ctiid.323874\", \"name\": \"VDB-323874 | CTI Indicators (IOB, IOC, TTP, IOA)\", \"tags\": [\"signature\", \"permissions-required\"]}, {\"url\": \"https://vuldb.com/?submit.647835\", \"name\": \"Submit #647835 | D-Link D-Link DI-8100\\u3001DI-8100G\\u3001DI-8200\\u3001DI-8200G\\u3001DI-8003\\u3001DI-8003G DI_8100-16.07.26A1 DI_8100G-17.12.20A1 DI_8200-16.07.26A1 DI_8200G-17.12.20A1 DI_8003-16.07.26A1 DI_8003G-19.12.10A1 OS Command Injection\", \"tags\": [\"third-party-advisory\"]}, {\"url\": \"https://github.com/2664521593/mycve/blob/main/D-Link/D-Link_CJ_1.md\", \"tags\": [\"related\"]}, {\"url\": \"https://github.com/2664521593/mycve/blob/main/D-Link/D-Link_CJ_1.md#exp\", \"tags\": [\"exploit\"]}, {\"url\": \"https://www.dlink.com/\", \"tags\": [\"product\"]}]}, \"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-10440\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-09-15T16:27:43.933970Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-09-15T16:27:50.518Z\"}}]}",
"cveMetadata": "{\"cveId\": \"CVE-2025-10440\", \"assignerOrgId\": \"1af790b2-7ee1-4545-860a-a788eba489b5\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"VulDB\", \"dateReserved\": \"2025-09-14T15:38:46.023Z\", \"datePublished\": \"2025-09-15T10:02:07.376Z\", \"dateUpdated\": \"2025-09-15T16:27:56.083Z\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…