CVE 8.7 HIGH

D-Link DIR-816L gena.cgi genacgi_main stack-based overflow_CVE-2025-13189

November 15, 2025 invoker category_cve

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A vulnerability has been found in D-Link DIR-816L 2_06_b09_beta. This affects the function genacgi_main of the file gena.cgi. The manipulation of the argument SERVER_ID/HTTP_SID leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

AI Analysis

Stack-based buffer overflow vulnerability in D-Link DIR-816L gena.cgi

Basic Information

ID CVE-2025-13189

Source VulDB

Published Nov 15, 2025 at 06:02

Affected Product

Vendor D-Link

Product DIR-816L

Version 2_06_b09_beta

Affected Versions D-Link DIR-816L 2_06_b09_beta

CWE Classification

CWE-121 CWE-119

AI Assessment

AI Score 8.7 / 10

AI Severity High

Vendor D-Link

Product DIR-816L

Version 2_06_b09_beta

References

{
    "lastseen": "",
    "description": "A vulnerability has been found in D-Link DIR-816L 2_06_b09_beta. This affects the function genacgi_main of the file gena.cgi. The manipulation of the argument SERVER_ID/HTTP_SID leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.",
    "published": "2025-11-15T06:02:05.687Z",
    "modified": "2025-11-15T06:02:05.687Z",
    "type": "cve",
    "title": "D-Link DIR-816L gena.cgi genacgi_main stack-based overflow",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.332478\nhttps://vuldb.com/?ctiid.332478\nhttps://vuldb.com/?submit.685540\nhttps://github.com/scanleale/IOT_sec/blob/main/DIR-816L%20stack%20overflow(gena.cgi).pdf\nhttps://www.dlink.com/",
    "id": "CVE-2025-13189",
    "bulletinFamily": "",
    "cwe": [
        "CWE-121",
        "CWE-119"
    ],
    "cvelist": null,
    "sourceData": "D-Link DIR-816L 2_06_b09_beta",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "DIR-816L",
    "version": "2_06_b09_beta",
    "vendor": "D-Link",
    "ai_description": "Stack-based buffer overflow vulnerability in D-Link DIR-816L gena.cgi",
    "ai_severity": "High",
    "ai_vendor": "D-Link",
    "ai_product": "DIR-816L",
    "ai_version": "2_06_b09_beta",
    "ai_score": 8.7
}

💭 Join the Security Discussion ❌ Cancel Reply