Unrated severityNVD Advisory· Published Aug 22, 2025· Updated Aug 26, 2025

CVE-2025-57105

Description

The DI-7400G+ router has a command injection vulnerability, which allows attackers to execute arbitrary commands on the device. The sub_478D28 function in in mng_platform.asp, and sub_4A12DC function in wayos_ac_server.asp of the jhttpd program, with the parameter ac_mng_srv_host.

Affected products

DI-7400G+/DI-7400G+description

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

di-7400.commitre
www.dlink.com.cn/techsupport/ProductInfo.aspxmitre
www.dlink.com/en/security-bulletin/mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000