CVE-2025-2620

22 Mar 2025

Título es

CVE-2025-2620

Sáb, 22/03/2025 – 15:15

Tipo

CWE-119

Gravedad v2.0

10.00

Gravedad 2.0 Txt

HIGH

Título en

CVE-2025-2620

Descripción en

A vulnerability has been found in D-Link DAP-1620 1.03 and classified as critical. This vulnerability affects the function mod_graph_auth_uri_handler of the file /storage of the component Authentication Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

22/03/2025

Vector CVSS:4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vector CVSS:2.0

AV:N/AC:L/Au:N/C:C/I:C/A:C

Gravedad 4.0

9.30

Gravedad 4.0 txt

CRITICAL

Gravedad 3.1 (CVSS 3.1 Base Score)

9.80

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

CRITICAL