Sign-up

ID

VAR-202507-2661


CVE

CVE-2025-8184


TITLE

D-Link Systems, Inc.  of  DIR-513  Buffer error vulnerability in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2025-010549

DESCRIPTION

A vulnerability was found in D-Link DIR-513 up to 1.10 and classified as critical. This issue affects the function formSetWanL2TPcallback of the file /goform/formSetWanL2TPtriggers of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. D-Link Systems, Inc. of DIR-513 The firmware contains a buffer error vulnerability, a stack-based buffer overflow vulnerability, and an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The D-Link DIR-513 is a portable wireless router featuring a slim design and ease of use. It supports IEEE 802.11n and 802.11g/b standards and offers a maximum transmission rate of 300Mbps. An attacker could exploit this vulnerability by remotely sending specially crafted data to trigger the buffer overflow, resulting in a denial of service or arbitrary code execution

Trust: 2.16

sources: NVD: CVE-2025-8184 // JVNDB: JVNDB-2025-010549 // CNVD: CNVD-2025-17353

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-17353

AFFECTED PRODUCTS

vendor:dlinkmodel:dir-513scope:gteversion:1.0

Trust: 1.0

vendor:dlinkmodel:dir-513scope:lteversion:1.10

Trust: 1.0

vendor:d linkmodel:dir-513scope:eqversion: -

Trust: 0.8

vendor:d linkmodel:dir-513scope:eqversion:dir-513 firmware 1.0 to 1.10

Trust: 0.8

vendor:d linkmodel:dir-513scope: - version: -

Trust: 0.8

vendor:d linkmodel:dir-513scope:lteversion:<=1.10

Trust: 0.6

sources: CNVD: CNVD-2025-17353 // JVNDB: JVNDB-2025-010549 // NVD: CVE-2025-8184

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com: CVE-2025-8184
value: HIGH

Trust: 1.0

nvd@nist.gov: CVE-2025-8184
value: CRITICAL

Trust: 1.0

OTHER: JVNDB-2025-010549
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2025-17353
value: HIGH

Trust: 0.6

cna@vuldb.com: CVE-2025-8184
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

OTHER: JVNDB-2025-010549
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2025-17353
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

cna@vuldb.com: CVE-2025-8184
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

nvd@nist.gov: CVE-2025-8184
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: JVNDB-2025-010549
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2025-17353 // JVNDB: JVNDB-2025-010549 // NVD: CVE-2025-8184 // NVD: CVE-2025-8184

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.0

problemtype:CWE-121

Trust: 1.0

problemtype:CWE-119

Trust: 1.0

problemtype:Buffer error (CWE-119) [ others ]

Trust: 0.8

problemtype: Stack-based buffer overflow (CWE-121) [ others ]

Trust: 0.8

problemtype: Out-of-bounds writing (CWE-787) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2025-010549 // NVD: CVE-2025-8184

EXTERNAL IDS

db:NVDid:CVE-2025-8184

Trust: 3.2

db:VULDBid:317597

Trust: 2.4

db:JVNDBid:JVNDB-2025-010549

Trust: 0.8

db:CNVDid:CNVD-2025-17353

Trust: 0.6

sources: CNVD: CNVD-2025-17353 // JVNDB: JVNDB-2025-010549 // NVD: CVE-2025-8184

REFERENCES

url:https://vuldb.com/?id.317597

Trust: 2.4

url:https://vuldb.com/?submit.622222

Trust: 2.4

url:https://github.com/infinitelin/lin-s-cvedb/blob/main/dir-513/formsetwanpptp.md

Trust: 2.4

url:https://www.dlink.com/

Trust: 2.4

url:https://vuldb.com/?ctiid.317597

Trust: 1.6

url:https://nvd.nist.gov/vuln/detail/cve-2025-8184

Trust: 0.8

sources: CNVD: CNVD-2025-17353 // JVNDB: JVNDB-2025-010549 // NVD: CVE-2025-8184

SOURCES

db:CNVDid:CNVD-2025-17353
db:JVNDBid:JVNDB-2025-010549
db:NVDid:CVE-2025-8184

LAST UPDATE DATE

2025-08-05T23:19:00.723000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2025-17353date:2025-08-01T00:00:00
db:JVNDBid:JVNDB-2025-010549date:2025-08-04T06:12:00
db:NVDid:CVE-2025-8184date:2025-07-31T17:26:31.540

SOURCES RELEASE DATE

db:CNVDid:CNVD-2025-17353date:2025-08-01T00:00:00
db:JVNDBid:JVNDB-2025-010549date:2025-08-04T00:00:00
db:NVDid:CVE-2025-8184date:2025-07-26T09:15:27.153