CVE-2025-6292

CWE-119 — Buffer Overflow CWE-121 — Stack-based Buffer Overflow3 documents3 sources

Severity

7.4HIGH

EPSS

0.3%

top 47.39%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

D-link Dir-825 Dlink Dir-825 Firmware

Timeline

PublishedJun 20

Description

A vulnerability has been found in D-Link DIR-825 2.03 and classified as critical. This vulnerability affects the function sub_4091AC of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

▶CVEListV5d-link/dir-8252.03

▶NVDdlink/dir-825_firmware2.03

🔴Vulnerability Details

GHSA

GHSA-h7h4-62pm-28jf: A vulnerability has been found in D-Link DIR-825 2↗2025-06-20

▶

CVEList

D-Link DIR-825 HTTP POST Request sub_4091AC stack-based overflow↗2025-06-20

▶