CVE-2025-25745

CVE-2025-25745 is a stack-based buffer overflow vulnerability (CWE-121) affecting the D-Link DIR-853 router running firmware version A1 FW1.20B07. The flaw resides in the SetQuickVPNSettings module, where insufficient bounds checking on the Password parameter allows an overflow condition during processing of user-supplied input. Published on 2025-02-14, it carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H), indicating high severity due to its potential for significant impact.

A remote, unauthenticated attacker can exploit this vulnerability over the network with low complexity by tricking a user into interacting with a malicious input, such as submitting a specially crafted Password value through the affected module. Successful exploitation could result in high-impact consequences, including arbitrary code execution, data compromise, modification of system integrity, or denial of service, granting the attacker substantial control over the targeted device.

Mitigation details are available in the referenced advisory at https://dear-sunshine-ba5.notion.site/D-Link-DIR-853-2-1812386a664480ea82a7f8321d967187. Security practitioners should consult vendor guidance for patches or workarounds specific to the DIR-853 A1 FW1.20B07.