VYPR

DIR-878A1

by Dlink

CVEs (4)

  • CVE-2025-60674Nov 13, 2025
    risk 0.00cvss epss 0.01

    A stack buffer overflow vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin in the rc binary's USB storage handling module. The vulnerability occurs when the "Serial Number" field from a USB device is read via sscanf into a 64-byte stack buffer, while fgets…

  • CVE-2025-60673Nov 13, 2025
    risk 0.00cvss epss 0.04

    An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetDMZSettings' functionality, where the 'IPAddress' parameter in prog.cgi is stored in NVRAM and later used by librcm.so to construct…

  • CVE-2025-60676Nov 13, 2025
    risk 0.00cvss epss 0.04

    An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetNetworkSettings' functionality of prog.cgi, where the 'IPAddress' and 'SubnetMask' parameters are directly concatenated into shell…

  • CVE-2025-60672Nov 13, 2025
    risk 0.00cvss epss 0.04

    An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetDynamicDNSSettings' functionality, where the 'ServerAddress' and 'Hostname' parameters in prog.cgi are stored in NVRAM and later…