CVE-2025-6292

A vulnerability has been found in D-Link DIR-825 2.03 and classified as critical. This vulnerability affects the function sub_4091AC of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

CVSS

No CVSS.

References

Link	Resource
https://github.com/xiaobor123/vul-finds/tree/main/vul-find-dir825-dlink-sub_4091AC	Exploit Third Party Advisory
https://github.com/xiaobor123/vul-finds/tree/main/vul-find-dir825-dlink-sub_4091AC	Exploit Third Party Advisory
https://github.com/xiaobor123/vul-finds/tree/main/vul-find-dir825-dlink-sub_4091AC#poc	Exploit Third Party Advisory
https://vuldb.com/?ctiid.313294	Permissions Required VDB Entry
https://vuldb.com/?id.313294	Third Party Advisory VDB Entry
https://vuldb.com/?submit.593938	Third Party Advisory VDB Entry
https://www.dlink.com/	Product

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:dlink:dir-825_firmware:2.03:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-825:-:*:*:*:*:*:*:*

History

26 Jun 2025, 17:25

Type	Values Removed	Values Added
References	~~() https://github.com/xiaobor123/vul-finds/tree/main/vul-find-dir825-dlink-sub_4091AC -~~	() https://github.com/xiaobor123/vul-finds/tree/main/vul-find-dir825-dlink-sub_4091AC - Exploit, Third Party Advisory
References	~~() https://vuldb.com/?submit.593938 -~~	() https://vuldb.com/?submit.593938 - Third Party Advisory, VDB Entry
References	~~() https://vuldb.com/?ctiid.313294 -~~	() https://vuldb.com/?ctiid.313294 - Permissions Required, VDB Entry
References	~~() https://www.dlink.com/ -~~	() https://www.dlink.com/ - Product
References	~~() https://github.com/xiaobor123/vul-finds/tree/main/vul-find-dir825-dlink-sub_4091AC#poc -~~	() https://github.com/xiaobor123/vul-finds/tree/main/vul-find-dir825-dlink-sub_4091AC#poc - Exploit, Third Party Advisory
References	~~() https://vuldb.com/?id.313294 -~~	() https://vuldb.com/?id.313294 - Third Party Advisory, VDB Entry
First Time		Dlink Dlink dir-825 Dlink dir-825 Firmware
CPE		cpe:2.3:h:dlink:dir-825:-:::::::* cpe:2.3:o:dlink:dir-825_firmware:2.03:::::::*

23 Jun 2025, 20:15

Type	Values Removed	Values Added
CWE	CWE-121 CWE-119
CVSS	v2 : ~~unknown~~ v3 : ~~8.8~~	v2 : unknown v3 : unknown

20 Jun 2025, 01:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-06-20 01:15

Updated : 2025-06-26 17:25

NVD link : CVE-2025-6292

Mitre link : CVE-2025-6292

JSON object : View

Products Affected

dlink

dir-825_firmware
dir-825

CWE

No CWE.

JSON object

Attach tags to CVE-2025-6292

Attach tags to `CVE-2025-6292`