VYPR

DI-8400

by Dlink

CVEs (5)

  • CVE-2024-44400CriSep 4, 2024
    risk 0.65cvss 9.8epss 0.14

    A vulnerability was discovered in DI_8400-16.07.26A1, which has been classified as critical. This issue affects the upgrade_filter_asp function in the upgrade_filter.asp file. Manipulation of the path parameter can lead to command injection.

  • CVE-2026-10206HigJun 1, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was detected in D-Link DI-8400 up to 16.07.26A1. This affects an unknown function of the file /dbsrv.asp. Performing a manipulation of the argument str results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit is now…

  • CVE-2025-9938HigSep 4, 2025
    risk 0.57cvss 8.8epss 0.01

    A weakness has been identified in D-Link DI-8400 16.07.26A1. The affected element is the function yyxz_dlink_asp of the file /yyxz.asp. This manipulation of the argument ID causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been…

  • CVE-2024-52739HigNov 20, 2024
    risk 0.53cvss 8.0epss 0.09

    D-LINK DI-8400 v16.07.26A1 was discovered to contain multiple remote command execution (RCE) vulnerabilities in the msp_info_htm function via the flag and cmd parameters.

  • CVE-2025-8175MedJul 26, 2025
    risk 0.42cvss 6.5epss 0.01

    A vulnerability was found in D-Link DI-8400 16.07.26A1. It has been classified as problematic. This affects an unknown part of the file usb_paswd.asp of the component jhttpd. The manipulation of the argument share_enable leads to null pointer dereference. It is possible to…