CVE-2025-13552
published 2025-11-23CVE-2025-13552: A security flaw has been discovered in D-Link DIR-822K and DWR-M920 1.00_20250513164613/1.1.50. The impacted element is an unknown function of the file…
high7.4CVSS 4.0
AVNACLATNPRLUINVCHVIHVAHSCNSINSANEPCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
A security flaw has been discovered in D-Link DIR-822K and DWR-M920 1.00_20250513164613/1.1.50. The impacted element is an unknown function of the file /boafrm/formWlEncrypt. The manipulation of the argument submit-url results in buffer overflow. The attack may be performed from remote. The exploit has been released to the public and may be exploited.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| d-link | dir-822k | — | — |
| d-link | dir-822k | — | — |
| d-link | dwr-m920 | — | — |
| d-link | dwr-m920 | — | — |
| dlink | dir-822k_firmware | — | — |
| dlink | dwr-m920_firmware | — | — |