CVE-2025-13551
published 2025-11-23CVE-2025-13551: A vulnerability was identified in D-Link DIR-822K and DWR-M920 1.00_20250513164613/1.1.50. The affected element is an unknown function of the file…
high7.4CVSS 4.0
AVNACLATNPRLUINVCHVIHVAHSCNSINSANEPCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
A vulnerability was identified in D-Link DIR-822K and DWR-M920 1.00_20250513164613/1.1.50. The affected element is an unknown function of the file /boafrm/formWanConfigSetup. The manipulation of the argument submit-url leads to buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly available and might be used.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| d-link | dir-822k | — | — |
| d-link | dir-822k | — | — |
| d-link | dwr-m920 | — | — |
| d-link | dwr-m920 | — | — |
| dlink | dir-822k_firmware | — | — |
| dlink | dwr-m920_firmware | — | — |