Details of VAR-202506-3360

ID

VAR-202506-3360

CVE

CVE-2025-6882

TITLE

D-Link Systems, Inc. of DIR-513 Buffer error vulnerability in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2025-009344

DESCRIPTION

A vulnerability classified as critical has been found in D-Link DIR-513 1.0. This affects an unknown part of the file /goform/formSetWanPPTP. The manipulation of the argument curTime leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. D-Link Systems, Inc. of DIR-513 The firmware contains a buffer error vulnerability and a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DIR-513 is a wireless router product of D-Link, a Chinese company. The vulnerability is caused by the parameter curTime in the file /goform/formSetWanPPTP failing to correctly verify the length of the input data. Remote attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service attack

Trust: 2.16

sources: NVD: CVE-2025-6882 // JVNDB: JVNDB-2025-009344 // CNVD: CNVD-2025-15610

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2025-15610

AFFECTED PRODUCTS

vendor:	dlink	model:	dir-513	scope:	eq	version:	1.0	Trust: 1.0
vendor:	d link	model:	dir-513	scope:	eq	version:	dir-513 firmware 1.0	Trust: 0.8
vendor:	d link	model:	dir-513	scope:	-	version:	-	Trust: 0.8
vendor:	d link	model:	dir-513	scope:	eq	version:	-	Trust: 0.8
vendor:	d link	model:	dir-513	scope:	eq	version:	v1.0	Trust: 0.6

sources: CNVD: CNVD-2025-15610 // JVNDB: JVNDB-2025-009344 // NVD: CVE-2025-6882

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com:	CVE-2025-6882
value:	HIGH
Trust: 1.0
OTHER:	JVNDB-2025-009344
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2025-15610
value:	HIGH
Trust: 0.6

cna@vuldb.com:	CVE-2025-6882
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
OTHER:	JVNDB-2025-009344
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2025-15610
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

cna@vuldb.com:	CVE-2025-6882
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 1.0
OTHER:	JVNDB-2025-009344
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2025-15610 // JVNDB: JVNDB-2025-009344 // NVD: CVE-2025-6882

PROBLEMTYPE DATA

problemtype:	CWE-120	Trust: 1.0
problemtype:	CWE-119	Trust: 1.0
problemtype:	Buffer error (CWE-119) [ others ]	Trust: 0.8
problemtype:	Classic buffer overflow (CWE-120) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2025-009344 // NVD: CVE-2025-6882

EXTERNAL IDS

db:	NVD	id:	CVE-2025-6882	Trust: 3.2
db:	VULDB	id:	314361	Trust: 1.8
db:	JVNDB	id:	JVNDB-2025-009344	Trust: 0.8
db:	CNVD	id:	CNVD-2025-15610	Trust: 0.6

sources: CNVD: CNVD-2025-15610 // JVNDB: JVNDB-2025-009344 // NVD: CVE-2025-6882

REFERENCES

url:	https://vuldb.com/?id.314361	Trust: 1.8
url:	https://vuldb.com/?submit.603693	Trust: 1.8
url:	https://www.dlink.com/	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2025-6882	Trust: 1.4
url:	https://vuldb.com/?ctiid.314361	Trust: 1.0

sources: CNVD: CNVD-2025-15610 // JVNDB: JVNDB-2025-009344 // NVD: CVE-2025-6882

SOURCES

db:	CNVD	id:	CNVD-2025-15610
db:	JVNDB	id:	JVNDB-2025-009344
db:	NVD	id:	CVE-2025-6882

LAST UPDATE DATE

2025-07-22T23:33:45.901000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2025-15610	date:	2025-07-14T00:00:00
db:	JVNDB	id:	JVNDB-2025-009344	date:	2025-07-18T08:44:00
db:	NVD	id:	CVE-2025-6882	date:	2025-07-14T17:18:53.997

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2025-15610	date:	2025-07-11T00:00:00
db:	JVNDB	id:	JVNDB-2025-009344	date:	2025-07-18T00:00:00
db:	NVD	id:	CVE-2025-6882	date:	2025-06-30T03:15:26.287