CVE-2025-11335 | D-Link DI-7100G C1 up to 20250928 jhttpd /msp_info.htm?flag=qos sub_46409C iface command injection

A vulnerability identified as critical has been detected in D-Link DI-7100G C1 up to 20250928. Affected by this vulnerability is the function sub_46409C of the file /msp_info.htm?flag=qos of the component jhttpd. This manipulation of the argument iface causes command injection.

This vulnerability is tracked as CVE-2025-11335. The attack is possible to be carried out remotely. Moreover, an exploit is present.VulDB Recent EntriesRead More