CVE-2025-11338
Published: 06 October 2025
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2025-11338 is a buffer overflow vulnerability (CWE-119, CWE-120) affecting the D-Link DI-7100G C1 router in versions up to 20250928. The flaw resides in the sub_4C0990 function within the /webchat/login.cgi file of the jhttpd component, where manipulation of the "openid" argument triggers the overflow. Published on 2025-10-06, it carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
The vulnerability enables remote exploitation by attackers possessing low privileges, such as authenticated users, with low attack complexity and no user interaction required. Successful exploitation can result in high confidentiality, integrity, and availability impacts, potentially allowing arbitrary code execution or full system compromise.
Advisories provide details via VulDB entries (https://vuldb.com/?ctiid.327221, https://vuldb.com/?id.327221, https://vuldb.com/?submit.664619), D-Link's site (https://www.dlink.com/), and additional resources (https://www.yuque.com/jh0ng/vmpda6/kggo2ngrcphzvwml). An exploit has been published and may be used, heightening the urgency for affected users to monitor for updates.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Buffer overflow in public-facing web application (/webchat/login.cgi) on D-Link router allows remote exploitation for initial access via arbitrary code execution.