A vulnerability was found in D-Link DI-8400 16.07.26A1. It has been classified as problematic. This affects an unknown part of the file usb_paswd.asp of the component jhttpd. The manipulation of the argument share_enable leads to null pointer dereference. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Tue, 16 Sep 2025 18:45:00 +0000

Type Values Removed Values Added
First Time appeared Dlink di-8400 Firmware
CPEs cpe:2.3:h:dlink:di-8400:a1:*:*:*:*:*:*:*
cpe:2.3:o:dlink:di-8400_firmware:16.07.26a1:*:*:*:*:*:*:*
Vendors & Products Dlink di-8400 Firmware

Thu, 31 Jul 2025 10:30:00 +0000

Type Values Removed Values Added
First Time appeared Dlink
Dlink di-8400
Vendors & Products Dlink
Dlink di-8400

Mon, 28 Jul 2025 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Sat, 26 Jul 2025 03:15:00 +0000

Type Values Removed Values Added
Description A vulnerability was found in D-Link DI-8400 16.07.26A1. It has been classified as problematic. This affects an unknown part of the file usb_paswd.asp of the component jhttpd. The manipulation of the argument share_enable leads to null pointer dereference. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Title D-Link DI-8400 jhttpd usb_paswd.asp null pointer dereference
Weaknesses CWE-404
CWE-476
References
Metrics cvssV2_0

{'score': 6.8, 'vector': 'AV:N/AC:L/Au:S/C:N/I:N/A:C/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 6.5, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 7.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2025-07-28T15:59:02.067Z

Reserved: 2025-07-25T07:55:16.872Z

Link: CVE-2025-8175

cve-icon Vulnrichment

Updated: 2025-07-28T15:58:50.568Z

cve-icon NVD

Status : Analyzed

Published: 2025-07-26T03:15:25.743

Modified: 2025-09-16T18:34:57.553

Link: CVE-2025-8175

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-07-31T10:21:31Z