Details of VAR-202503-0079

ID

VAR-202503-0079

CVE

CVE-2025-1877

TITLE

D-Link Systems, Inc. of DAP-1562 Improper Shutdown and Release of Resources in Firmware Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2025-002244

DESCRIPTION

A vulnerability, which was classified as critical, was found in D-Link DAP-1562 1.10. This affects the function pure_auth_check of the component HTTP POST Request Handler. The manipulation of the argument a1 leads to null pointer dereference. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. D-Link Systems, Inc. of DAP-1562 The firmware contains vulnerabilities related to improper shutdown and release of resources, NULL There is a vulnerability in pointer dereference.Service operation interruption (DoS) It may be in a state. D-Link DAP-1562 is a wireless bridge produced by D-Link of China. No detailed vulnerability details are provided at present

Trust: 2.16

sources: NVD: CVE-2025-1877 // JVNDB: JVNDB-2025-002244 // CNVD: CNVD-2025-13070

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2025-13070

AFFECTED PRODUCTS

vendor:	dlink	model:	dap-1562	scope:	eq	version:	1.10	Trust: 1.0
vendor:	d link	model:	dap-1562	scope:	-	version:	-	Trust: 0.8
vendor:	d link	model:	dap-1562	scope:	eq	version:	-	Trust: 0.8
vendor:	d link	model:	dap-1562	scope:	eq	version:	dap-1562 firmware 1.10	Trust: 0.8
vendor:	d link	model:	d-link dap-1562	scope:	eq	version:	1.10	Trust: 0.6

sources: CNVD: CNVD-2025-13070 // JVNDB: JVNDB-2025-002244 // NVD: CVE-2025-1877

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com:	CVE-2025-1877
value:	HIGH
Trust: 1.0
nvd@nist.gov:	CVE-2025-1877
value:	HIGH
Trust: 1.0
OTHER:	JVNDB-2025-002244
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2025-13070
value:	MEDIUM
Trust: 0.6

cna@vuldb.com:	CVE-2025-1877
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:L/AU:S/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
OTHER:	JVNDB-2025-002244
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:L/AU:S/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2025-13070
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:L/AU:S/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

cna@vuldb.com:	CVE-2025-1877
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.1
Trust: 1.0
nvd@nist.gov:	CVE-2025-1877
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	JVNDB-2025-002244
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2025-13070 // JVNDB: JVNDB-2025-002244 // NVD: CVE-2025-1877 // NVD: CVE-2025-1877

PROBLEMTYPE DATA

problemtype:	CWE-404	Trust: 1.0
problemtype:	CWE-476	Trust: 1.0
problemtype:	Improper shutdown and release of resources (CWE-404) [ others ]	Trust: 0.8
problemtype:	NULL Pointer dereference (CWE-476) [NVD evaluation ]	Trust: 0.8
problemtype:	NULL Pointer dereference (CWE-476) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2025-002244 // NVD: CVE-2025-1877

EXTERNAL IDS

db:	NVD	id:	CVE-2025-1877	Trust: 3.2
db:	VULDB	id:	298191	Trust: 1.0
db:	JVNDB	id:	JVNDB-2025-002244	Trust: 0.8
db:	CNVD	id:	CNVD-2025-13070	Trust: 0.6

sources: CNVD: CNVD-2025-13070 // JVNDB: JVNDB-2025-002244 // NVD: CVE-2025-1877

REFERENCES

url:	https://vuldb.com/?submit.506526	Trust: 1.8
url:	https://witty-maiasaura-083.notion.site/d-link-dap-1562-pure_auth_check-vulnerability-1a5b2f2a63618013a1fecb743f2d0667	Trust: 1.8
url:	https://www.dlink.com/	Trust: 1.8
url:	https://vuldb.com/?ctiid.298191	Trust: 1.6
url:	https://vuldb.com/?id.298191	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2025-1877	Trust: 0.8

sources: CNVD: CNVD-2025-13070 // JVNDB: JVNDB-2025-002244 // NVD: CVE-2025-1877

SOURCES

db:	CNVD	id:	CNVD-2025-13070
db:	JVNDB	id:	JVNDB-2025-002244
db:	NVD	id:	CVE-2025-1877

LAST UPDATE DATE

2025-06-21T23:37:54.106000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2025-13070	date:	2025-06-20T00:00:00
db:	JVNDB	id:	JVNDB-2025-002244	date:	2025-03-11T05:32:00
db:	NVD	id:	CVE-2025-1877	date:	2025-03-06T12:21:35.360

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2025-13070	date:	2025-06-20T00:00:00
db:	JVNDB	id:	JVNDB-2025-002244	date:	2025-03-11T00:00:00
db:	NVD	id:	CVE-2025-1877	date:	2025-03-03T19:15:34.180