Sign-up

ID

VAR-202502-2111


CVE

CVE-2025-25745


TITLE

D-Link Systems, Inc.  of  dir-853  Stack-based buffer overflow vulnerability in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2025-004414

DESCRIPTION

D-Link DIR-853 A1 FW1.20B07 was discovered to contain a stack-based buffer overflow vulnerability via the Password parameter in the SetQuickVPNSettings module. D-Link Systems, Inc. (DoS) It may be in a state. The D-Link DIR-853 is a dual-band wireless router that supports the 802.11ac protocol, providing dual-band network connections in 2.4GHz (up to 400Mbps) and 5GHz (up to 867Mbps), making it ideal for HD video streaming and online gaming. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

Trust: 2.16

sources: NVD: CVE-2025-25745 // JVNDB: JVNDB-2025-004414 // CNVD: CNVD-2025-18560

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-18560

AFFECTED PRODUCTS

vendor:dlinkmodel:dir-853scope:eqversion:1.20b07

Trust: 1.0

vendor:d linkmodel:dir-853scope:eqversion: -

Trust: 0.8

vendor:d linkmodel:dir-853scope:eqversion:dir-853 firmware 1.20b07

Trust: 0.8

vendor:d linkmodel:dir-853scope: - version: -

Trust: 0.8

vendor:d linkmodel:dir-853 a1 fw1.20b07scope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2025-18560 // JVNDB: JVNDB-2025-004414 // NVD: CVE-2025-25745

CVSS

SEVERITY

CVSSV2

CVSSV3

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2025-25745
value: HIGH

Trust: 1.0

OTHER: JVNDB-2025-004414
value: HIGH

Trust: 0.8

CNVD: CNVD-2025-18560
value: HIGH

Trust: 0.6

CNVD: CNVD-2025-18560
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2025-25745
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

OTHER: JVNDB-2025-004414
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2025-18560 // JVNDB: JVNDB-2025-004414 // NVD: CVE-2025-25745

PROBLEMTYPE DATA

problemtype:CWE-121

Trust: 1.0

problemtype:Stack-based buffer overflow (CWE-121) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2025-004414 // NVD: CVE-2025-25745

EXTERNAL IDS

db:NVDid:CVE-2025-25745

Trust: 3.2

db:JVNDBid:JVNDB-2025-004414

Trust: 0.8

db:CNVDid:CNVD-2025-18560

Trust: 0.6

sources: CNVD: CNVD-2025-18560 // JVNDB: JVNDB-2025-004414 // NVD: CVE-2025-25745

REFERENCES

url:https://dear-sunshine-ba5.notion.site/d-link-dir-853-2-1812386a664480ea82a7f8321d967187

Trust: 2.4

url:https://nvd.nist.gov/vuln/detail/cve-2025-25745

Trust: 0.8

sources: CNVD: CNVD-2025-18560 // JVNDB: JVNDB-2025-004414 // NVD: CVE-2025-25745

SOURCES

db:CNVDid:CNVD-2025-18560
db:JVNDBid:JVNDB-2025-004414
db:NVDid:CVE-2025-25745

LAST UPDATE DATE

2025-08-17T23:43:48.665000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2025-18560date:2025-08-15T00:00:00
db:JVNDBid:JVNDB-2025-004414date:2025-05-08T00:35:00
db:NVDid:CVE-2025-25745date:2025-05-02T17:53:57.653

SOURCES RELEASE DATE

db:CNVDid:CNVD-2025-18560date:2025-08-14T00:00:00
db:JVNDBid:JVNDB-2025-004414date:2025-05-08T00:00:00
db:NVDid:CVE-2025-25745date:2025-02-14T16:15:37.010