CVE-2025-1877

Name of the Vulnerable Software and Affected Versions D-Link DAP-1562 version 1.10

Description A critical vulnerability was found in the D-Link DAP-1562, affecting the pure auth check function of the HTTP POST Request Handler component. The manipulation of the a1 argument leads to a null pointer dereference. This issue can be exploited remotely. The vulnerability only affects products that are no longer supported by the maintainer.

Recommendations For D-Link DAP-1562 version 1.10, as a temporary workaround, consider disabling the pure auth check function until a patch is available. Restrict access to the HTTP POST Request Handler component to minimize the risk of exploitation. Avoid using the a1 argument in the affected HTTP POST Request Handler until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.