Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-fr44-hj8r-v92r

Опубликовано: 23 нояб. 2025
Источник: github
Github: Не прошло ревью
CVSS4: 7.4
CVSS3: 8.8

Описание

A vulnerability was determined in D-Link DIR-822K and DWR-M920 1.00_20250513164613/1.1.50. Impacted is an unknown function of the file /boafrm/formVpnConfigSetup. Executing manipulation of the argument submit-url can lead to buffer overflow. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized.

A vulnerability was determined in D-Link DIR-822K and DWR-M920 1.00_20250513164613/1.1.50. Impacted is an unknown function of the file /boafrm/formVpnConfigSetup. Executing manipulation of the argument submit-url can lead to buffer overflow. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized.

Ссылки

EPSS

Процентиль: 25%
0.00087
Низкий

7.4 High

CVSS4

8.8 High

CVSS3

CVE ID

CVE-2025-13550

Дефекты

CWE-119

Связанные уязвимости

nvd логотип

CVE-2025-13550

CVSS3: 8.8
nvd
3 месяца назад

A vulnerability was determined in D-Link DIR-822K and DWR-M920 1.00_20250513164613/1.1.50. Impacted is an unknown function of the file /boafrm/formVpnConfigSetup. Executing manipulation of the argument submit-url can lead to buffer overflow. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized.

fstec логотип

BDU:2025-14753

CVSS3: 8.8
fstec
3 месяца назад

Уязвимость функций sub_4151FC() и sub_41491C() встроенного веб-сервера boa микропрограммного обеспечения маршрутизаторов D-Link DIR-822K и DWR-M920, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании

EPSS

Процентиль: 25%
0.00087
Низкий

7.4 High

CVSS4

8.8 High

CVSS3

CVE ID

CVE-2025-13550

Дефекты

CWE-119