CVE-2025-11339

D-Link DI-7100G C1 jhttpd hi_block.asp sub_4BD4F8 buffer overflow

Description

A vulnerability has been found in D-Link DI-7100G C1 up to 20250928. This issue affects the function sub_4BD4F8 of the file /webchat/hi_block.asp of the component jhttpd. The manipulation of the argument popupId leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

INFO

Published Date :

2025-10-06T16:32:09.380Z

Last Modified :

2025-10-06T17:16:06.762Z

Source :

VulDB

AFFECTED PRODUCTS

The following products are affected by CVE-2025-11339 vulnerability.

Vendors	Products
D-link	Di-7100g C1
Dlink	Di-7100g C1 Di-7100g C1 Firmware

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-11339.

URL	Resource
https://vuldb.com/?ctiid.327222
https://vuldb.com/?id.327222
https://vuldb.com/?submit.664635
https://www.dlink.com/
https://www.yuque.com/jh0ng/vmpda6/zr11zfssl8h74bn3
https://www.yuque.com/jh0ng/vmpda6/zr11zfssl8h74bn3#Wjajr

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact

Detailed values of each vector for above chart.

Access Vector

Access Complexity

Authentication

Confidentiality Impact

Integrity Impact

Availability Impact