Unrated severityNVD Advisory· Published Oct 6, 2025· Updated Oct 6, 2025

D-Link DI-7100G C1 jhttpd hi_block.asp sub_4BD4F8 buffer overflow

CVE-2025-11339

Description

A vulnerability has been found in D-Link DI-7100G C1 up to 20250928. This issue affects the function sub_4BD4F8 of the file /webchat/hi_block.asp of the component jhttpd. The manipulation of the argument popupId leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Affected products

Dlink/DI-7100Gllm-fuzzy
Range: <= 20250928
D-Link/DI-7100G C1v5
Range: 20250928

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.yuque.com/jh0ng/vmpda6/zr11zfssl8h74bn3mitreexploit
vuldb.commitrethird-party-advisory
vuldb.commitresignaturepermissions-required
vuldb.commitrevdb-entrytechnical-description
www.dlink.commitreproduct
www.yuque.com/jh0ng/vmpda6/zr11zfssl8h74bn3mitrerelated

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000