Actively Exploited in the Wild

This vulnerability is being actively exploited in the wild.

Primary

Context

D-Link DI-7100G C1 Buffer Overflow Vulnerability in jhttpd Component

Vulnerability

Exploited

A buffer overflow vulnerability has been identified in the D-Link DI-7100G C1 router, in versions prior to 20250928. The issue arises in the jhttpd component, specifically within the '/webchat/login.cgi' file and the 'sub_4C0990' function. The vulnerability can be exploited remotely by manipulating the 'openid' argument, leading to a buffer overflow condition.

Impact

Exploitation of this vulnerability causes a buffer overflow, which can potentially be used to execute arbitrary code or cause a denial-of-service condition.

Added: Oct 6, 2025, 4:24 PM

Updated: Oct 6, 2025, 4:24 PM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

7.5

exploitability

6.6

remediation

0.0

relevance

0.7

threat

8.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

7.5

exploitability

6.6

remediation

0.0

relevance

0.7

threat

8.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Actively Exploited in the Wild

D-Link DI-7100G C1 Buffer Overflow Vulnerability in jhttpd Component

Vulnerability

Impact

Affected Products

D-Link DI-7100G C1

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating