CVE-2026-7289
HIGH8.8CVSS v3
9.0CVSS v2
0.05%
EPSS (exploit probability)
CWE-119CWE
Description
A vulnerability was found in D-Link DIR-825M 1.1.12. This issue affects the function sub_414BA8 of the file /boafrm/formWanConfigSetup. The manipulation of the argument submit-url results in buffer overflow. The attack can be executed remotely. The exploit has been made public and could be used.
CVSS v3 vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected routers (1)
| Vendor | Model | Matched via | Affected versions | Fixed in | Patch Status |
|---|---|---|---|---|---|
| D-Link | D-Link DIR-825 | — |
— | — | Unpatched |