CVE-2025-8175
BaseFortify
Publication date: 2025-07-26
Last updated on: 2026-04-29
Assigner: VulDB
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dlink | di-8400_firmware | 16.07.26a1 |
| dlink | di-8400 | a1 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-404 | The product does not release or incorrectly releases a resource before it is made available for re-use. |
| CWE-476 | The product dereferences a pointer that it expects to be valid but is NULL. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the D-Link DI-8400 router (version 16.07.26A1) within the jhttpd component's usb_paswd.asp file. It is caused by improper handling of the 'share_enable' argument, which, when manipulated remotely (for example by omitting it or providing an empty value), leads to a null pointer dereference. This means the software tries to access memory through a pointer that is NULL, causing the application to crash or exit unexpectedly. [1, 2]
How can this vulnerability impact me?
The impact of this vulnerability is a denial of service condition. Because the null pointer dereference causes the web program (likely the embedded HTTP server) to crash, the device becomes unavailable or unresponsive. This can disrupt network services relying on the router. The attack can be performed remotely without authentication, and exploit code is publicly available, increasing the risk of exploitation. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by scanning for the presence of the vulnerable D-Link DI-8400 router firmware version 16.07.26A1, especially by checking for the accessible usb_paswd.asp page. One detection method is to use Google dorking with the query 'inurl:usb_paswd.asp' to identify potentially vulnerable devices. Additionally, sending HTTP requests to the usb_paswd.asp page with the 'share_enable' parameter omitted or empty may trigger the vulnerability, causing the web server to crash, which can be monitored. For example, sending such a request with curl (`curl -X GET 'http://<target-ip>/usb_paswd.asp?share_enable='`) and observing whether the device becomes unresponsive or the service crashes can indicate vulnerability. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
No known countermeasures or mitigations have been reported for this vulnerability. The suggested immediate step is to replace the affected D-Link DI-8400 device with an alternative product that is not vulnerable. Monitoring network traffic for exploitation attempts and restricting access to the vulnerable web interface may help reduce risk temporarily. [1]
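The monitoring mentioned in the detection and mitigation answers above can be sketched as a log check. This is an added example, not part of the original record or of any vendor tooling: it scans HTTP access-log lines for requests to usb_paswd.asp whose share_enable query parameter is missing or empty. The Common Log Format input (for instance from a proxy or sensor in front of the router), the constructed sample lines, the case-insensitive path match and the function names are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

TARGET_PAGE = "/usb_paswd.asp"   # page named in this CVE record
PARAM = "share_enable"           # argument named in this CVE record

# Assumed input: Common Log Format lines. Only the query string is examined,
# because access logs normally do not contain request bodies.
REQUEST_RE = re.compile(
    r'^(?P<src>\S+) .*?"(?P<method>[A-Z]+) (?P<uri>\S+) HTTP/[\d.]+"')

def classify(line):
    """Return (source, reason) for a request matching the pattern, else None."""
    m = REQUEST_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("uri"))
    # Assumption: compare the decoded path case-insensitively to stay conservative.
    if not unquote(parts.path).lower().endswith(TARGET_PAGE):
        return None
    # keep_blank_values=True so that "share_enable=" is seen as present but empty.
    values = parse_qs(parts.query, keep_blank_values=True).get(PARAM)
    if values is None:
        return (m.group("src"), "share_enable missing")
    if any(v == "" for v in values):
        return (m.group("src"), "share_enable empty")
    return None

def scan(lines):
    """Group matching requests by source address."""
    hits = {}
    for line in lines:
        hit = classify(line)
        if hit:
            hits.setdefault(hit[0], []).append(hit[1])
    return hits

# Constructed sample log lines (documentation address ranges, not real traffic).
SAMPLE_LOG = [
    '198.51.100.7 - - [01/Aug/2025:10:00:01 +0000] "GET /usb_paswd.asp?share_enable= HTTP/1.1" 502 0',
    '198.51.100.7 - - [01/Aug/2025:10:00:09 +0000] "GET /usb_paswd.asp HTTP/1.1" 502 0',
    '192.0.2.10 - - [01/Aug/2025:10:01:00 +0000] "GET /usb_paswd.asp?share_enable=1&name=x HTTP/1.1" 200 512',
    '192.0.2.10 - - [01/Aug/2025:10:01:05 +0000] "GET /index.asp HTTP/1.1" 200 1024',
    '203.0.113.5 - - [01/Aug/2025:10:02:00 +0000] "GET /USB_PASWD.ASP?x=1&share_enable= HTTP/1.1" 502 0',
]

if __name__ == "__main__":
    for src, reasons in scan(SAMPLE_LOG).items():
        print(src, reasons)
```

A request with no share_enable parameter is flagged because the record lists omission as a trigger; correlate hits with a following loss of response from the management interface before treating them as exploitation.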