How severe is CVE-2025-15357?

CVE-2025-15357 has a CVSS v3 score of 6.3 (MEDIUM).

CVE-2025-15357

Name: di-7400g\+
Author: dlink

6.3MEDIUM

A vulnerability was found in D-Link DI-7400G+ 19.12.25A1. This affects an unknown function of the file /msp_info.htm?flag=cmd. The manipulation of the argument cmd results in command injection. The at

게시됨: 12/30/2025업데이트됨: 1/9/2026

설명

A vulnerability was found in D-Link DI-7400G+ 19.12.25A1. This affects an unknown function of the file /msp_info.htm?flag=cmd. The manipulation of the argument cmd results in command injection. The attack can be launched remotely. The exploit has been made public and could be used.

AI 분석AI 기반

영향받는 제품

dlinkdi-7400g\+_firmware

19.12.25a1

dlinkdi-7400g\+

참조

https://github.com/xyh4ck/iot_poc/tree/main/D-Link_DI_7400G%2B_Command_Injection
ExploitThird Party Advisory
https://vuldb.com/?ctiid.338743
Permissions RequiredVDB Entry
https://vuldb.com/?id.338743
Third Party AdvisoryVDB Entry
https://vuldb.com/?submit.726376
Third Party AdvisoryVDB Entry
https://www.dlink.com/
Product