D Link · Di-7400G+ Router · CVE-2025-57105
Name of the Vulnerable Software and Affected Versions:
DI-7400G+ router (affected versions not specified)
Description:
The DI-7400G+ router contains a command injection flaw that enables attackers to execute arbitrary commands on the device. This issue affects the `sub 478D28` function within `mng platform.asp` and the `sub 4A12DC` function within `wayos ac server.asp` of the `jhttpd` program, specifically through the `ac mng srv host` parameter.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.