{"id":17412,"date":"2025-09-15T05:36:53","date_gmt":"2025-09-15T05:36:53","guid":{"rendered":"http:\/\/localhost\/?p=17412"},"modified":"2025-09-15T05:36:53","modified_gmt":"2025-09-15T05:36:53","slug":"d-link-di-8100di-8100gdi-8200di-8200gdi-8003di-8003g-jhttpd-usbpaswdasp-sub4621dc-os-command-injecti","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=17412","title":{"rendered":"D-Link DI-8100\/DI-8100G\/DI-8200\/DI-8200G\/DI-8003\/DI-8003G jhttpd usb_paswd.asp sub_4621DC os command injection_CVE-2025-10440"},"content":{"rendered":"

{“lastseen”:””,”description”:”A vulnerability has been found in D-Link DI-8100, DI-8100G, DI-8200, DI-8200G, DI-8003 and DI-8003G 16.07.26A1\/17.12.20A1\/19.12.10A1. Affected by this vulnerability is the function sub_4621DC of the file usb_paswd.asp of the component jhttpd. The manipulation of the argument hname leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.”,”published”:”2025-09-15T10:02:07.376Z”,”modified”:”2025-09-15T10:02:07.376Z”,”type”:”cve”,”title”:”D-Link DI-8100\/DI-8100G\/DI-8200\/DI-8200G\/DI-8003\/DI-8003G jhttpd usb_paswd.asp sub_4621DC os command injection”,”source”:”VulDB”,”references”:”https:\/\/vuldb.com\/?id.323874\\nhttps:\/\/vuldb.com\/?ctiid.323874\\nhttps:\/\/vuldb.com\/?submit.647835\\nhttps:\/\/github.com\/2664521593\/mycve\/blob\/main\/D-Link\/D-Link_CJ_1.md\\nhttps:\/\/github.com\/2664521593\/mycve\/blob\/main\/D-Link\/D-Link_CJ_1.md#exp\\nhttps:\/\/www.dlink.com\/”,”id”:”CVE-2025-10440″,”bulletinFamily”:””,”cwe”:[“CWE-78″,”CWE-77″],”cvelist”:null,”sourceData”:”D-Link DI-8100 16.07.26A1\\nD-Link DI-8100 17.12.20A1\\nD-Link DI-8100 19.12.10A1\\nD-Link DI-8100G 16.07.26A1\\nD-Link DI-8100G 17.12.20A1\\nD-Link DI-8100G 19.12.10A1\\nD-Link DI-8200 16.07.26A1\\nD-Link DI-8200 17.12.20A1\\nD-Link DI-8200 19.12.10A1\\nD-Link DI-8200G 16.07.26A1\\nD-Link DI-8200G 17.12.20A1\\nD-Link DI-8200G 19.12.10A1\\nD-Link DI-8003 16.07.26A1\\nD-Link DI-8003 17.12.20A1\\nD-Link DI-8003 19.12.10A1\\nD-Link DI-8003G 16.07.26A1\\nD-Link DI-8003G 17.12.20A1\\nD-Link DI-8003G 19.12.10A1″,”sourceHref”:””,”cvss”:{“score”:5.3,”severity”:”MEDIUM”,”vector”:”CVSS:4.0\/AV:N\/AC:L\/AT:N\/PR:L\/UI:N\/VC:L\/VI:L\/VA:L\/SC:N\/SI:N\/SA:N\/E:P”,”version”:”4.0″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:””,”category_name”:”CVE”,”post_link”:””,”product”:”DI-8100″,”version”:”16.07.26A1″,”vendor”:”D-Link”,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"

{“lastseen”:””,”description”:”A vulnerability has been found in D-Link DI-8100, DI-8100G, DI-8200, DI-8200G, DI-8003 and DI-8003G 16.07.26A1\/17.12.20A1\/19.12.10A1. Affected by this vulnerability is the function sub_4621DC of the…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,22,12,21,13,7,11,5],"class_list":["post-17412","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-53","tag-exploit","tag-medium","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\nD-Link DI-8100\/DI-8100G\/DI-8200\/DI-8200G\/DI-8003\/DI-8003G jhttpd usb_paswd.asp sub_4621DC os command injection_CVE-2025-10440 - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=17412\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"D-Link DI-8100\/DI-8100G\/DI-8200\/DI-8200G\/DI-8003\/DI-8003G jhttpd usb_paswd.asp sub_4621DC os command injection_CVE-2025-10440 - zero redgem\" \/>\n<meta property=\"og:description\" content=\"{“lastseen”:””,”description”:”A vulnerability has been found in D-Link DI-8100, DI-8100G, DI-8200, DI-8200G, DI-8003 and DI-8003G 16.07.26A1\/17.12.20A1\/19.12.10A1. Affected by this vulnerability is the function sub_4621DC of the...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=17412\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2025-09-15T05:36:53+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=17412#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=17412\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"D-Link DI-8100\\\/DI-8100G\\\/DI-8200\\\/DI-8200G\\\/DI-8003\\\/DI-8003G jhttpd usb_paswd.asp sub_4621DC os command injection_CVE-2025-10440\",\"datePublished\":\"2025-09-15T05:36:53+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=17412\"},\"wordCount\":319,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"CVSS-5.3\",\"exploit\",\"MEDIUM\",\"news\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_cve\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=17412#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=17412\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=17412\",\"name\":\"D-Link DI-8100\\\/DI-8100G\\\/DI-8200\\\/DI-8200G\\\/DI-8003\\\/DI-8003G jhttpd usb_paswd.asp sub_4621DC os command injection_CVE-2025-10440 - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2025-09-15T05:36:53+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=17412#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=17412\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=17412#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"D-Link DI-8100\\\/DI-8100G\\\/DI-8200\\\/DI-8200G\\\/DI-8003\\\/DI-8003G jhttpd usb_paswd.asp sub_4621DC os command injection_CVE-2025-10440\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"D-Link DI-8100\/DI-8100G\/DI-8200\/DI-8200G\/DI-8003\/DI-8003G jhttpd usb_paswd.asp sub_4621DC os command injection_CVE-2025-10440 - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=17412","og_locale":"en_US","og_type":"article","og_title":"D-Link DI-8100\/DI-8100G\/DI-8200\/DI-8200G\/DI-8003\/DI-8003G jhttpd usb_paswd.asp sub_4621DC os command injection_CVE-2025-10440 - zero redgem","og_description":"{“lastseen”:””,”description”:”A vulnerability has been found in D-Link DI-8100, DI-8100G, DI-8200, DI-8200G, DI-8003 and DI-8003G 16.07.26A1\/17.12.20A1\/19.12.10A1. Affected by this vulnerability is the function sub_4621DC of the...","og_url":"https:\/\/zero.redgem.net\/?p=17412","og_site_name":"zero redgem","article_published_time":"2025-09-15T05:36:53+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=17412#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=17412"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"D-Link DI-8100\/DI-8100G\/DI-8200\/DI-8200G\/DI-8003\/DI-8003G jhttpd usb_paswd.asp sub_4621DC os command injection_CVE-2025-10440","datePublished":"2025-09-15T05:36:53+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=17412"},"wordCount":319,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","CVSS-5.3","exploit","MEDIUM","news","Security","tapic","Vulnerability"],"articleSection":["category_cve"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=17412#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=17412","url":"https:\/\/zero.redgem.net\/?p=17412","name":"D-Link DI-8100\/DI-8100G\/DI-8200\/DI-8200G\/DI-8003\/DI-8003G jhttpd usb_paswd.asp sub_4621DC os command injection_CVE-2025-10440 - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2025-09-15T05:36:53+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=17412#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=17412"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=17412#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"D-Link DI-8100\/DI-8100G\/DI-8200\/DI-8200G\/DI-8003\/DI-8003G jhttpd usb_paswd.asp sub_4621DC os command injection_CVE-2025-10440"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/17412","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=17412"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/17412\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=17412"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=17412"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=17412"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}