CVE Details
Basic Information
| Title | D-Link DIR-825 HTTP POST Request do_file stack-based overflow |
|---|---|
| Type | cve |
| Published | 2025-06-20T00:00:22.878Z |
| Last Seen |
Product Information
| Vendor | D-Link |
|---|---|
| Product | DIR-825 |
| Version | 2.03 |
CVSS Information
| Base Score | 8.7 (HIGH) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A critical vulnerability in D-Link DIR-825 routers allows remote attackers to cause a stack-based buffer overflow via the HTTP POST request handler’s do_file function. This can lead to remote code execution or service disruption. The vulnerability is particularly severe as the product is no longer supported by the vendor, meaning no patches are available. |
|---|---|
| AI Severity | Critical |
| Vendor | D-Link |
| Product | DIR-825 |
| Affected Version | 2.03 |
Affected Products
- D-Link DIR-825 2.03
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-121, CWE-119 |
| Bulletin Family |
References
Description
A vulnerability, which was classified as critical, was found in D-Link DIR-825 2.03. This affects the function do_file of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.