CVE-2025-1877
Published: 03 March 2025
Description
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Security Summary
CVE-2025-1877 is a critical vulnerability in D-Link DAP-1562 version 1.10, specifically affecting the pure_auth_check function within the HTTP POST Request Handler component. The issue arises from manipulation of the 'a1' argument, leading to a null pointer dereference classified under CWE-404 and CWE-476.
The vulnerability carries a CVSS v3.1 base score of 6.5 (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H), allowing remote exploitation by an attacker possessing low privileges. Successful exploitation results in high availability impact, such as denial-of-service through device crashes, with no compromise of confidentiality or integrity.
Advisories from VulDB indicate that the vulnerability affects only products no longer supported by the maintainer, with no patches available. The exploit has been publicly disclosed, including details in VulDB entries (ctiid.298191, id.298191) and a Notion site write-up, increasing the risk for deployed devices.
In notable context, the public availability of the exploit heightens the threat to unsupported D-Link DAP-1562 devices still in use.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Vulnerability in public-facing HTTP POST handler enables remote exploitation of web application (T1190) resulting in device crash via null pointer dereference (T1499.004).