xyh4ck

7 exploits Active since Aug 2025
CVE-2025-57105 WRITEUP CRITICAL WORKING POC
D-Link DI-7400G+ Firmware - OS Command Injection via ac_mng_srv_host Parameter
The DI-7400G+ router has a command injection vulnerability, which allows attackers to execute arbitrary commands on the device. The sub_478D28 function in in mng_platform.asp, and sub_4A12DC function in wayos_ac_server.asp of the jhttpd program, with the parameter ac_mng_srv_host.
CVSS 9.8
CVE-2025-9769 WRITEUP MEDIUM WORKING POC
D-Link DI-7400G+ 19.12.25A1 - OS Command Injection via mng_platform.asp addr Parameter
A security flaw has been discovered in D-Link DI-7400G+ 19.12.25A1. Affected is the function sub_478D28 of the file /mng_platform.asp. The manipulation of the argument addr with the input `echo 12345 > poc.txt` results in command injection. An attack on the physical device is feasible. The exploit has been released to the public and may be exploited.
CVSS 4.1
CVE-2026-7633 WRITEUP MEDIUM WORKING POC
Totolink N300RH cstecgi.cgi setUploadSetting file inclusion
A vulnerability was identified in Totolink N300RH 6.1c.1353_B20190305. This impacts the function setUploadSetting of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument FileName leads to file inclusion. The attack may be performed from remote. The exploit is publicly available and might be used.
CVSS 6.5
CVE-2026-6158 WRITEUP HIGH WORKING POC
Totolink N300RH upgrade.so setUpgradeUboot os command injection
A flaw has been found in Totolink N300RH 6.1c.1353_B20190305. Affected is the function setUpgradeUboot of the file upgrade.so. This manipulation of the argument FileName causes os command injection. The attack is possible to be carried out remotely. The exploit has been published and may be used.
CVSS 7.3
CVE-2025-15356 WRITEUP HIGH WRITEUP
Tenda AC20 Firmware <= 16.03.08.12 - Buffer Overflow via PowerSaveSet sscanf Argument
A vulnerability has been found in Tenda AC20 up to 16.03.08.12. The impacted element is the function sscanf of the file /goform/PowerSaveSet. The manipulation of the argument powerSavingEn/time/powerSaveDelay/ledCloseType leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS 8.8
CVE-2025-15357 WRITEUP MEDIUM WORKING POC
D-Link DI-7400G+ 19.12.25A1 - OS Command Injection via cmd Parameter
A vulnerability was found in D-Link DI-7400G+ 19.12.25A1. This affects an unknown function of the file /msp_info.htm?flag=cmd. The manipulation of the argument cmd results in command injection. The attack can be launched remotely. The exploit has been made public and could be used.
CVSS 6.3
CVE-2025-9769 WRITEUP MEDIUM WORKING POC
D-Link DI-7400G+ 19.12.25A1 - OS Command Injection via mng_platform.asp addr Parameter
A security flaw has been discovered in D-Link DI-7400G+ 19.12.25A1. Affected is the function sub_478D28 of the file /mng_platform.asp. The manipulation of the argument addr with the input `echo 12345 > poc.txt` results in command injection. An attack on the physical device is feasible. The exploit has been released to the public and may be exploited.
CVSS 4.1