CVE-2026-7069

Name of the Vulnerable Software and Affected Versions D-Link DIR-825 versions prior to 3.00b32

Description A buffer overflow exists in the miniupnpd component within the upnpsoap.c file. The issue occurs in the AddPortMapping() function when it fails to properly validate the size of input data during the copying of the NewPortMappingDescription argument. This flaw allows an attacker on the local network to execute arbitrary code by sending a specially crafted HTTP request. Millions of devices worldwide are potentially affected.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.