CVE-2025-1876
Published: 03 March 2025
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2025-1876 is a stack-based buffer overflow vulnerability classified as critical in D-Link DAP-1562 version 1.10. The issue resides in the http_request_parse function within the HTTP Header Handler component, triggered by manipulation of the Authorization argument. It corresponds to CWEs-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), CWE-121 (Stack-based Buffer Overflow), and CWE-787 (Out-of-bounds Write), with a CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L). The vulnerability was published on 2025-03-03.
The vulnerability enables remote exploitation without authentication or user interaction. An attacker can send a specially crafted HTTP request targeting the Authorization header, causing a stack-based buffer overflow. Successful exploitation could result in limited impacts to confidentiality, integrity, and availability, such as partial data exposure, modification, or denial of service on the affected device.
Advisories indicate that the D-Link DAP-1562 is no longer supported by the manufacturer, meaning no patches or official mitigations are available. Security practitioners should isolate or retire affected devices, as a public exploit has been disclosed and is available for use via sources like VulDB and a Notion site detailing the vulnerability. The D-Link website provides general product information but no specific guidance for this CVE.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Stack-based buffer overflow in the public-facing HTTP header handler (http_request_parse) of D-Link DAP-1562 access point, triggered remotely without authentication via Authorization header manipulation, enables exploitation of a public-facing application for initial access.