D-Link DI-7001 MINI msp_info.htm command injection_CVE-2025-12313

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability has been found in D-Link DI-7001 MINI 19.09.19A1/24.04.18B1. The affected element is an unknown function of the file /msp_info.htm. Such manipulation of the argument cmd leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Basic Information

ID CVE-2025-12313

Source VulDB

Published Oct 27, 2025 at 20:02

Modified Oct 27, 2025 at 20:22

Affected Product

Vendor D-Link

Product DI-7001 MINI

Version 19.09.19A1

Affected Versions D-Link DI-7001 MINI 19.09.19A1
D-Link DI-7001 MINI 24.04.18B1

CWE Classification

CWE-77 CWE-74

References

{
    "lastseen": "",
    "description": "A vulnerability has been found in D-Link DI-7001 MINI 19.09.19A1/24.04.18B1. The affected element is an unknown function of the file /msp_info.htm. Such manipulation of the argument cmd leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.",
    "published": "2025-10-27T20:02:06.408Z",
    "modified": "2025-10-27T20:22:23.877Z",
    "type": "cve",
    "title": "D-Link DI-7001 MINI msp_info.htm command injection",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.329985\nhttps://vuldb.com/?ctiid.329985\nhttps://vuldb.com/?submit.676887\nhttps://github.com/DavCloudz/cve/issues/7\nhttps://www.dlink.com/",
    "id": "CVE-2025-12313",
    "bulletinFamily": "",
    "cwe": [
        "CWE-77",
        "CWE-74"
    ],
    "cvelist": null,
    "sourceData": "D-Link DI-7001 MINI 19.09.19A1\nD-Link DI-7001 MINI 24.04.18B1",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "DI-7001 MINI",
    "version": "19.09.19A1",
    "vendor": "D-Link",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}