CVE-2025-25746
Published: 12 February 2025
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2025-25746 is a stack-based buffer overflow vulnerability (CWE-787) affecting the D-Link DIR-853 router with firmware version A1 FW1.20B07. The flaw resides in the SetWanSettings module, where insufficient bounds checking on the Password parameter allows an attacker to overflow the stack by supplying overly long input. Published on 2025-02-12, it carries a CVSS v3.1 base score of 9.8, reflecting its critical severity due to network accessibility, low attack complexity, and lack of prerequisites.
The vulnerability enables remote exploitation over the network without authentication, privileges, or user interaction (AV:N/AC:L/PR:N/UI:N). Successful exploitation grants high-impact outcomes across confidentiality, integrity, and availability (C:H/I:H/A:H) within the unchanged scope (S:U), potentially allowing arbitrary code execution, full device compromise, or denial of service on the affected router.
For mitigation details, refer to the advisory at https://dear-sunshine-ba5.notion.site/D-Link-DIR-853-5-1812386a66448044b489f223b8c2e78a, which provides vulnerability analysis and likely patch or workaround guidance specific to the D-Link DIR-853.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The remote unauthenticated stack-based buffer overflow in the SetWanSettings module of the public-facing D-Link DIR-853 router management interface directly enables T1190: Exploit Public-Facing Application, leading to arbitrary code execution or DoS.