CNNVD-202509-3619 Information

CNNVD ID

CNNVD-202509-3619

Related CVE

CVE-2025-10779

• CNNVD Published: 2025-09-22

Description (Chinese)

D-Link DCS-935L是中国友讯（D-Link）公司的一款路由器。 D-Link DCS-935L 1.13.01及之前版本存在安全漏洞，该漏洞源于对文件/HNAP1/中参数HNAP_AUTH/SOAPAction的错误操作，可能导致栈缓冲区溢出。

Description (English)

D-Link DCS-935L is a router for D-Link. There is a security loophole in D-Link DCS-935L 1.13.01 and earlier versions, which stems from an error in the application of the medium parameter HNAP AUTH/SOAPaction in document/HNAP1/, which could result in a spilling out of the fence.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

D3D

Published

2025-09-22

Last Modified

2026-02-24

References

https://github.com/scanleale/IOT_sec/blob/main/DCS-935L-1.pdf https://github.com/scanleale/IOT_sec/blob/main/DCS-935L-2.pdf https://vuldb.com/?ctiid.325135 https://vuldb.com/?id.325135 https://vuldb.com/?submit.653690 https://vuldb.com/?submit.653691 https://www.dlink.com/