CNNVD-202511-2580 Information

Nov 23, 2025 cve

CNNVD ID

CNNVD-202511-2580

CVE-2025-13550

CNNVD Published: 2025-11-23

Description (Chinese)

D-Link DWR-M920和D-Link DIR-822K都是中国友讯（D-Link）公司的产品。D-Link DWR-M920是一款路由器。D-Link DIR-822K是一款无线路由器。 D-Link DWR-M920和D-Link DIR-822K 1.00_20250513164613/1.1.50版本存在安全漏洞，该漏洞源于文件/boafrm/formVpnConfigSetup中参数submit-url的错误操作，可能导致缓冲区溢出。

Description (English)

D-Link DWR-M920 and D-Link DIR-822K are products of the Chinese company D-Link. D-Link DWR-M920 is a router. D-Link DIR-822K is a wireless router. Security loopholes exist in versions D-Link DWR-M920 and D-Link DIR-822K 1.00 20250513161613/1.1.50, which are the result of errors in the parameters submit-url in the document/boafrm/formVpnConfigSetup, which may result in spilling over the buffer zone.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

友讯

Published

2025-11-23

Last Modified

2026-02-24

References

https://github.com/QIU-DIE/CVE/issues/47 https://vuldb.com/?submit.693777 https://vuldb.com/?submit.695437 https://vuldb.com/?id.333317 https://www.dlink.com/ https://github.com/QIU-DIE/CVE/issues/33 https://vuldb.com/?ctiid.333317 https://access.redhat.com/security/cve/cve-2025-13550

Share on: