PT-2025-46887 · D Link · D-Link Dir-878A1
Published
2025-10-09
·
Updated
2025-11-21
·
CVE-2025-60674
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
D-Link DIR-878A1 router firmware versions prior to FW101B04
Description
A stack buffer overflow issue exists in the USB storage handling module of the D-Link DIR-878A1 router firmware. The problem occurs when the “Serial Number” field from a USB device is read into a 64-byte stack buffer using
sscanf, while fgets can read up to 127 bytes, leading to a stack overflow. An attacker with physical access or control over a USB device could potentially execute arbitrary code on the device.Recommendations
Update to firmware version FW101B04 or later.
Exploit
Fix
Stack Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
D-Link Dir-878A1