CVE-2025-2621
CVE-2025-2621
Título es
CVE-2025-2621
Sáb, 22/03/2025 – 17:15
Tipo
CWE-119
Gravedad v2.0
10.00
Gravedad 2.0 Txt
HIGH
Título en
CVE-2025-2621
Descripción en
A vulnerability was found in D-Link DAP-1620 1.03 and classified as critical. This issue affects the function check_dws_cookie of the file /storage. The manipulation of the argument uid leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
22/03/2025
22/03/2025
Vector CVSS:4.0
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vector CVSS:2.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Gravedad 4.0
9.30
Gravedad 4.0 txt
CRITICAL
Gravedad 3.1 (CVSS 3.1 Base Score)
9.80
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
CRITICAL
Referencias
Enviar en el boletín
Off
