Multiple Microsoft Windows Products Vulnerabilities

April 11, 2025

Critical File Inclusion Flaw Found in WordPress Plugin, Exposing Sites to Attack

April 11, 2025

Multiple D-LINK DI-8100 Vulnerabilities

April 11, 2025

Severity

High

Analysis Summary

CVE-2025-28395 CVSS:8.8

D-LINK DI-8100 is vulnerable to a buffer overflow, caused by improper bounds checking by the ipsec_road_asp function via the host_ip parameter.

CVE-2025-28398 CVSS:8.8

D-LINK DI-8100 is vulnerable to a buffer overflow, caused by improper bounds checking by the ipsec_net_asp function via the remot_ip parameter.

Impact

Buffer Overflow

Indicators of Compromise

CVE

CVE-2025-28395
CVE-2025-28398

Affected Vendors

D-Link

Affected Products

D-Link DI-8100 - 16.07.26A1

Remediation

Refer to the D-Link Website for patch, upgrade, or suggested workaround information.

D-Link Website

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Hackers Actively Exploit Critical Vulnerabilities in Exchange and SharePoint Servers

Mirai Botnet aka Katana – Active IOCs

GitHub Tools Deployed in CrazyHunter Ransomware Campaigns – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Multiple Microsoft Windows Products Vulnerabilities

Critical File Inclusion Flaw Found in WordPress Plugin, Exposing Sites to Attack

Severity

High

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.