CVE-2025-15357 | D-Link DI-7400G+ 19.12.25A1 /msp_info.htm?flag=cmd command injection

December 30, 2025 Yanac

A vulnerability described as critical has been identified in D-Link DI-7400G+ 19.12.25A1. This affects an unknown function of the file /msp_info.htm?flag=cmd. The manipulation of the argument cmd results in command injection.

This vulnerability is reported as CVE-2025-15357. The attack can be launched remotely. Moreover, an exploit is present.VulDB Recent EntriesRead More

CVE-2025-15360 | newbee-mall-plus 2.0.0 Product Information Edit Page UploadController.java upload File unrestricted upload
Tis the season when tech leaders rub their crystal balls