CVE Details
Basic Information
| Title |
CVE-2025-4841 |
| Type |
cve |
| Published |
2025-05-17T23:15:36 |
| Last Seen |
2025-05-17T23:21:20 |
CVSS Information
| Base Score |
8.8 (HIGH) |
| Attack Vector |
NETWORK |
| Attack Complexity |
LOW |
| Privileges Required |
LOW |
| User Interaction |
NONE |
| Scope |
UNCHANGED |
| Confidentiality Impact |
HIGH |
| Integrity Impact |
HIGH |
| Availability Impact |
HIGH |
AI Analysis
| AI Description |
A stack-based buffer overflow vulnerability exists in the /bin/gpio function of D-Link DCS-932L version 2.18.01, allowing remote attackers to execute arbitrary code or cause a denial of service via a crafted CameraName argument. The vulnerability affects products no longer supported by the maintainer. |
| AI Severity |
High |
| Vendor |
D-Link |
| Product |
DCS-932L |
| Affected Version |
2.18.01 |
Additional Information
| CVE List |
CVE-2025-4841 |
| CWE List |
CWE-121, CWE-119 |
| Bulletin Family |
cve |
Description
A vulnerability was found in D-Link DCS-932L 2.18.01 and classified as critical. Affected by this issue is the function sub_404780 of the file /bin/gpio. The manipulation of the argument CameraName leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVSS Score Summary
Base Score: %!f(string=#) (HIGH)
View Full CVE Details
