Stack Overflow Vulnerability in D-Link DIR-816A2 Product
CVE-2025-61577

7.5HIGH

Key Information:

Vendor: D-Link
Status: DIR-816A2
Vendor: CVE Published:; 9 October 2025

What is CVE-2025-61577?

The D-Link DIR-816A2 device has a vulnerability that triggers a stack overflow due to improper handling of the 'statuscheckpppoeuser' parameter in the 'dir_setWanWifi' function. This flaw enables attackers to exploit the vulnerability by sending specially crafted inputs, potentially leading to a Denial of Service condition. As a result, the affected device can become unresponsive, disrupting normal network activity and access.

References

https://www.dlink.com/en/security-bulletin/

https://github.com/peris-navince/founded-0-days/blob/main...

https://github.com/Flechao1/iot-vuln/blob/main/dlink-816-...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 9, 2025
Vulnerability Reserved
Sep 26, 2025

JSON