Описание
A security flaw has been discovered in D-Link DIR-822K and DWR-M920 1.00_20250513164613/1.1.50. The impacted element is an unknown function of the file /boafrm/formWlEncrypt. The manipulation of the argument submit-url results in buffer overflow. The attack may be performed from remote. The exploit has been released to the public and may be exploited.
Ссылки
- ExploitIssue Tracking
- ExploitIssue Tracking
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Product
- ExploitIssue Tracking
- ExploitIssue Tracking
Уязвимые конфигурации
Одновременно
Одновременно
EPSS
8.8 High
CVSS3
9 Critical
CVSS2
Дефекты
Связанные уязвимости
A security flaw has been discovered in D-Link DIR-822K and DWR-M920 1.00_20250513164613/1.1.50. The impacted element is an unknown function of the file /boafrm/formWlEncrypt. The manipulation of the argument submit-url results in buffer overflow. The attack may be performed from remote. The exploit has been released to the public and may be exploited.
Уязвимость функции sub_44797C() микропрограммного обеспечения маршрутизаторов D-Link DIR-822K и DWR-M920, позволяющая нарушителю выполнить произвольный код
EPSS
8.8 High
CVSS3
9 Critical
CVSS2