Sign-up

ID

VAR-202511-0038


CVE

CVE-2025-13188


DESCRIPTION

A vulnerability was detected in D-Link DIR-816L 2_06_b09_beta. Affected by this vulnerability is the function authenticationcgi_main of the file /authentication.cgi. Performing manipulation of the argument Password results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit is now public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Trust: 1.0

sources: NVD: CVE-2025-13188

AFFECTED PRODUCTS

vendor:dlinkmodel:dir-816lscope:eqversion:2.06.b09

Trust: 1.0

sources: NVD: CVE-2025-13188

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com: CVE-2025-13188
value: HIGH

Trust: 1.0

cna@vuldb.com: CVE-2025-13188
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

cna@vuldb.com: CVE-2025-13188
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: NVD: CVE-2025-13188

PROBLEMTYPE DATA

problemtype:CWE-121

Trust: 1.0

problemtype:CWE-119

Trust: 1.0

sources: NVD: CVE-2025-13188

EXTERNAL IDS

db:VULDBid:332476

Trust: 1.0

db:NVDid:CVE-2025-13188

Trust: 1.0

sources: NVD: CVE-2025-13188

REFERENCES

url:https://vuldb.com/?submit.685538

Trust: 1.0

url:https://www.dlink.com/

Trust: 1.0

url:https://vuldb.com/?id.332476

Trust: 1.0

url:https://github.com/scanleale/iot_sec/blob/main/dir-816l%20stack%20overflow(authentication.cgi).pdf

Trust: 1.0

url:https://vuldb.com/?ctiid.332476

Trust: 1.0

sources: NVD: CVE-2025-13188

SOURCES

db:NVDid:CVE-2025-13188

LAST UPDATE DATE

2025-11-20T23:10:24.143000+00:00


SOURCES UPDATE DATE

db:NVDid:CVE-2025-13188date:2025-11-20T14:34:12.100

SOURCES RELEASE DATE

db:NVDid:CVE-2025-13188date:2025-11-14T23:15:43.843