PT-2025-23874 · D Link · D-Link Dir-816
Pjqwudi
·
Published
2025-06-03
·
Updated
2025-07-01
·
CVE-2025-5622
CVSS v4.0
10
Critical
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
D-Link DIR-816 version 1.10CNB05
Description
A critical issue affects the function
wirelessApcli 5g of the file /goform/wirelessApcli 5g. The manipulation of the arguments apcli mode 5g, apcli enc 5g, and apcli default key 5g leads to a stack-based buffer overflow. The attack may be launched remotely. This issue only affects products that are no longer supported by the maintainer.Recommendations
As a temporary workaround, consider disabling the
wirelessApcli 5g function until a patch is available.
Restrict access to the /goform/wirelessApcli 5g file to minimize the risk of exploitation.
Avoid using the arguments apcli mode 5g, apcli enc 5g, and apcli default key 5g in the affected function until the issue is resolved.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
Memory Corruption
Stack Overflow
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
D-Link Dir-816