Stack-Based Buffer Overflow in D-Link DIR-853 Router
CVE-2025-25744

9.8CRITICAL

Key Information:

Vendor: D-Link
Status: DIR-853
Vendor: CVE Published:; 12 February 2025

Summary

The D-Link DIR-853 A1 FW1.20B07 is susceptible to a stack-based buffer overflow vulnerability that can be exploited through the Password parameter in the SetDynamicDNSSettings module. This flaw allows attackers to potentially execute arbitrary code, gaining unauthorized access or control over the router, which can lead to further exploitation of the network.

References

https://dear-sunshine-ba5.notion.site/D-Link-DIR-853-4-18...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 12, 2025
Vulnerability Reserved
Feb 7, 2025