CNNVD-202511-2577 Information

CNNVD ID

CNNVD-202511-2577

Related CVE

CVE-2025-13552

• CNNVD Published: 2025-11-23

Description (Chinese)

D-Link DWR-M920和D-Link DIR-822K都是中国友讯（D-Link）公司的产品。D-Link DWR-M920是一款路由器。D-Link DIR-822K是一款无线路由器。 D-Link DWR-M920和D-Link DIR-822K 1.00_20250513164613/1.1.50版本存在安全漏洞，该漏洞源于文件/boafrm/formWlEncrypt中参数submit-url的错误操作，可能导致缓冲区溢出。

Description (English)

D-Link DWR-M920 and D-Link DIR-822K are products of the Chinese company D-Link. D-Link DWR-M920 is a router. D-Link DIR-822K is a wireless router. Security loopholes exist in versions D-Link DWR-M920 and D-Link DIR-822K 1.00 20250513161613/1.1.50, which stem from the error of the parameters submit-url in the document/boafrm/formWlEncrypt, which could lead to an spill out of the buffer zone.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

友讯

Published

2025-11-23

Last Modified

2026-02-24

References

https://github.com/QIU-DIE/CVE/issues/36 https://vuldb.com/?id.333319 https://vuldb.com/?submit.695434 https://www.dlink.com/ https://vuldb.com/?ctiid.333319 https://vuldb.com/?submit.693803 https://github.com/QIU-DIE/CVE/issues/44 https://access.redhat.com/security/cve/cve-2025-13552