Stack-Based Buffer Overflow Vulnerability in D-Link DIR-853 Router
CVE-2025-25746

9.8CRITICAL

Key Information:

Vendor: D-Link
Status: DIR-853
Vendor: CVE Published:; 12 February 2025

Summary

The D-Link DIR-853 A1 router with firmware version 1.20B07 is susceptible to a stack-based buffer overflow vulnerability within its SetWanSettings module. This issue arises due to improper handling of the Password parameter, potentially allowing an attacker to execute arbitrary code or disrupt service. Users are strongly encouraged to implement security measures and update their device firmware to mitigate the risks associated with this vulnerability.

References

https://dear-sunshine-ba5.notion.site/D-Link-DIR-853-5-18...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 12, 2025
Vulnerability Reserved
Feb 7, 2025