| Kura | D-Link DIR-825 R Denial of Service |
|---|
| Gaskiya | A stack-based buffer overflow vulnerability exists in the web service of the D-Link DIR-825 router, firmware version Rev.B 2.10. The vulnerability is triggered when an authenticated attacker sends a POST request to ping_response.cgi with an overly long string in the ping_ipaddr parameter. Inside the parse_special_char function, this string is copied into a fixed-size stack buffer using strcpy without proper length validation. This action overwrites the stack, causing the httpd service to crash upon the function's return and resulting in a remote Denial of Service (DoS). |
|---|
| Manga | ⚠️ https://github.com/i-Corner/cve/issues/16 |
|---|
| Màdùmga | iC0rner (UID 82839) |
|---|
| Furta | 08/03/2025 03:06 (7 Wurɗi 전) |
|---|
| Gargajiya | 08/13/2025 15:59 (11 days later) |
|---|
| Halitta | Shingilam |
|---|
| VulDB gite | 319915 [D-Link DIR-825 2.10 httpd ping_response.cgi get_ping_app_stat ping_ipaddr Pufferüberlauf] |
|---|
| Nganji | 20 |
|---|