Multiple SAP Products Vulnerabilities

April 14, 2025

Multiple Microsoft Windows Products Vulnerabilities

April 14, 2025

CVE-2025-3538 – D-Link DI-8100 Firmware Vulnerability

April 14, 2025

Severity

High

Analysis Summary

CVE-2025-3538

A critical vulnerability exists in the D-Link DI-8100 firmware version 16.07.26A1. The vulnerability is located in the /auth.asp file within the jhttpd component, specifically in the auth_asp function. An attacker can trigger a stack-based buffer overflow by manipulating the callback argument. The attack requires the attacker to be within the local network. The vulnerability has been publicly disclosed, and an exploit is potentially available for malicious use.

Impact

Buffer Overflow

Indicators of Compromise

CVE

CVE-2025-3538

Affected Vendors

D-Link

Affected Products

D-Link DI-8100 firmware - 16.07.26A1

Remediation

Refer to D-Link Website for patch, upgrade, or suggested workaround information.

D-Link Website

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Hackers Actively Exploit Critical Vulnerabilities in Exchange and SharePoint Servers

Mirai Botnet aka Katana – Active IOCs

GitHub Tools Deployed in CrazyHunter Ransomware Campaigns – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Multiple SAP Products Vulnerabilities

Multiple Microsoft Windows Products Vulnerabilities

Severity

High

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.