Cyber Posture

CVE-2025-25530

Critical

Published: 11 February 2025

Published
11 February 2025
Modified
15 April 2026
KEV Added
Patch
CVSS Score 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0024 47.5th percentile
Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Description

Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries.

Security Summary

CVE-2025-25530 is a buffer overflow vulnerability (CWE-120) in Digital China DCBI-Netlog-LAB Gateway version 1.0. The flaw stems from a lack of length verification when saving parental control configuration information, resulting in a critical CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Published on 2025-02-11, it affects the gateway device's handling of configuration data.

Unauthenticated attackers can exploit this vulnerability remotely over the network with low complexity and no user interaction. Successful exploitation enables denial-of-service by crashing the target device or executing arbitrary commands, granting high-impact confidentiality, integrity, and availability compromises.

Mitigation guidance and additional details are available in the referenced advisory at https://gist.github.com/XiaoCurry/570a765f6812b8c53d35f623ee701b19.

Details

CWE(s)
CWE-120

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
attack.mitre.org →
T1059 Command and Scripting Interpreter Execution
Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries.
attack.mitre.org →
Why these techniques?

Remote unauthenticated buffer overflow in gateway config handling enables exploitation of public-facing applications for initial access (T1190) and arbitrary command execution (T1059).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References