Details of VAR-202506-0630

ID

VAR-202506-0630

CVE

CVE-2025-5969

TITLE

D-Link Systems, Inc. of DIR-632 Buffer error vulnerability in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2025-009100

DESCRIPTION

A vulnerability has been found in D-Link DIR-632 FW103B08 and classified as critical. Affected by this vulnerability is the function FUN_00425fd8 of the file /biurl_grou of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. D-Link Systems, Inc. of DIR-632 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DIR-632 is a router of D-Link, a Chinese company. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

Trust: 2.16

sources: NVD: CVE-2025-5969 // JVNDB: JVNDB-2025-009100 // CNVD: CNVD-2025-13066

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2025-13066

AFFECTED PRODUCTS

vendor:	dlink	model:	dir-632	scope:	eq	version:	103b08	Trust: 1.0
vendor:	d link	model:	dir-632	scope:	eq	version:	-	Trust: 0.8
vendor:	d link	model:	dir-632	scope:	eq	version:	dir-632 firmware 103b08	Trust: 0.8
vendor:	d link	model:	dir-632	scope:	-	version:	-	Trust: 0.8
vendor:	d link	model:	dir-632 fw103b08	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2025-13066 // JVNDB: JVNDB-2025-009100 // NVD: CVE-2025-5969

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com:	CVE-2025-5969
value:	HIGH
Trust: 1.0
OTHER:	JVNDB-2025-009100
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2025-13066
value:	HIGH
Trust: 0.6

cna@vuldb.com:	CVE-2025-5969
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
OTHER:	JVNDB-2025-009100
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2025-13066
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

cna@vuldb.com:	CVE-2025-5969
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 1.0
OTHER:	JVNDB-2025-009100
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2025-13066 // JVNDB: JVNDB-2025-009100 // NVD: CVE-2025-5969

PROBLEMTYPE DATA

problemtype:	CWE-121	Trust: 1.0
problemtype:	CWE-119	Trust: 1.0
problemtype:	Buffer error (CWE-119) [ others ]	Trust: 0.8
problemtype:	Stack-based buffer overflow (CWE-121) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2025-009100 // NVD: CVE-2025-5969

EXTERNAL IDS

db:	NVD	id:	CVE-2025-5969	Trust: 3.2
db:	VULDB	id:	311845	Trust: 1.8
db:	JVNDB	id:	JVNDB-2025-009100	Trust: 0.8
db:	CNVD	id:	CNVD-2025-13066	Trust: 0.6

sources: CNVD: CNVD-2025-13066 // JVNDB: JVNDB-2025-009100 // NVD: CVE-2025-5969

REFERENCES

url:	https://github.com/xiaobor123/vul-finds/tree/main/vul-find-dir632-dlink-fun_00425fd8	Trust: 2.4
url:	https://github.com/xiaobor123/vul-finds/tree/main/vul-find-dir632-dlink-fun_00425fd8#poc	Trust: 1.8
url:	https://vuldb.com/?id.311845	Trust: 1.8
url:	https://vuldb.com/?submit.592336	Trust: 1.8
url:	https://www.dlink.com/	Trust: 1.8
url:	https://vuldb.com/?ctiid.311845	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2025-5969	Trust: 0.8

sources: CNVD: CNVD-2025-13066 // JVNDB: JVNDB-2025-009100 // NVD: CVE-2025-5969

SOURCES

db:	CNVD	id:	CNVD-2025-13066
db:	JVNDB	id:	JVNDB-2025-009100
db:	NVD	id:	CVE-2025-5969

LAST UPDATE DATE

2025-07-18T23:28:50.348000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2025-13066	date:	2025-06-20T00:00:00
db:	JVNDB	id:	JVNDB-2025-009100	date:	2025-07-17T05:02:00
db:	NVD	id:	CVE-2025-5969	date:	2025-07-16T19:32:26.337

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2025-13066	date:	2025-06-20T00:00:00
db:	JVNDB	id:	JVNDB-2025-009100	date:	2025-07-17T00:00:00
db:	NVD	id:	CVE-2025-5969	date:	2025-06-10T17:25:20.293