CVE-2025-5572

CWE-119Buffer OverflowCWE-121Stack-based Buffer OverflowCWE-787Out-of-bounds Write3 documents3 sources
Severity
8.7HIGH
EPSS
1.2%
top 20.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
D-link Dcs-932lDlink Dcs-932l Firmware
Timeline
PublishedJun 4

Description

A vulnerability was found in D-Link DCS-932L 2.18.01. It has been declared as critical. Affected by this vulnerability is the function setSystemEmail of the file /setSystemEmail. The manipulation of the argument EmailSMTPPortNumber leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

CVEListV5d-link/dcs-932l2.18.01

🔴Vulnerability Details

2
GHSA
GHSA-qvvf-8j8m-qq3w: A vulnerability was found in D-Link DCS-932L 22025-06-04
CVEList
D-Link DCS-932L setSystemEmail stack-based overflow2025-06-04
CVE-2025-5572 (HIGH CVSS 8.7) | A vulnerability was found in D-Link | cvebase.io