CVE-2025-11407

A weakness has been identified in D-Link DI-7001 MINI 24.04.18B1. Impacted is an unknown function of the file /upgrade_filter.asp. This manipulation of the argument path causes os command injection. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited.
Configurations

No configuration.

History

07 Oct 2025, 20:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-10-07 20:15

Updated : 2025-10-08 19:38


NVD link : CVE-2025-11407

Mitre link : CVE-2025-11407

CVE.ORG link : CVE-2025-11407


JSON object : View

Products Affected

No product.

CWE
CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')