PT-2025-47839 · D Link · Dir-822+1
Hhsw34
·
Published
2025-11-12
·
Updated
2025-12-02
·
CVE-2025-13547
CVSS v2.0
9.0
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
D-Link DIR-822K versions 1.00 20250513164613 through 1.1.50
D-Link DWR-M920 versions 1.00 20250513164613 through 1.1.50
Description
A flaw exists in D-Link DIR-822K and DWR-M920 routers. The issue is related to the manipulation of the
submit-url argument within the /boafrm/formDdns file, leading to memory corruption. The attack can be initiated remotely. An exploit for this issue has been published.Recommendations
Update D-Link DIR-822K from versions 1.00 20250513164613 through 1.1.50 to a newer version.
Update D-Link DWR-M920 from versions 1.00 20250513164613 through 1.1.50 to a newer version.
Exploit
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dir-822
Dwr-M920