CNNVD-202509-3011 Information

CNNVD ID

CNNVD-202509-3011

Related CVE

CVE-2025-10666

• CNNVD Published: 2025-09-18

Description (Chinese)

D-Link DIR-825是中国友讯（D-Link）公司的一款路由器。 D-Link DIR-825 2.10及之前版本存在安全漏洞，该漏洞源于文件apply.cgi中函数sub_4106d4对参数countdown_time的错误操作，可能导致缓冲区溢出。

Description (English)

D-Link DIR-825 is a router for the Chinese company D-Link. There was a security loophole in D-Link DIR-825 2.10 and earlier versions, which stemmed from the error of the function sub 4106d4 in file apply.cgi against the argument countdown time, which could lead to a spill over the buffer zone.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

D3D

Published

2025-09-18

Last Modified

2026-02-24

References

https://vuldb.com/?submit.652047 https://github.com/panda666-888/vuls/blob/main/d-link/dir-825/apply.cgi.md https://github.com/panda666-888/vuls/blob/main/d-link/dir-825/apply.cgi.md#poc https://vuldb.com/?id.324787 https://www.dlink.com/ https://vuldb.com/?ctiid.324787 https://www.exploit-db.com/exploits/52469