A vulnerability was found in D-Link DIR-825 1.08.01. This impacts the function get_ping6_app_stat of the file ping6_response.cg of the component httpd. Performing manipulation of the argument ping6_ipaddr results in buffer overflow. It is possible to initiate the attack remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Mon, 29 Sep 2025 18:30:00 +0000

Type Values Removed Values Added
First Time appeared Dlink
Dlink dir-825
Dlink dir-825 Firmware
CPEs cpe:2.3:h:dlink:dir-825:-:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-825_firmware:1.08.01:*:*:*:*:*:*:*
Vendors & Products Dlink
Dlink dir-825
Dlink dir-825 Firmware

Mon, 08 Sep 2025 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Sun, 07 Sep 2025 15:30:00 +0000

Type Values Removed Values Added
First Time appeared D-link
D-link dir-825
Vendors & Products D-link
D-link dir-825

Sat, 06 Sep 2025 14:45:00 +0000

Type Values Removed Values Added
Description A vulnerability was found in D-Link DIR-825 1.08.01. This impacts the function get_ping6_app_stat of the file ping6_response.cg of the component httpd. Performing manipulation of the argument ping6_ipaddr results in buffer overflow. It is possible to initiate the attack remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer.
Title D-Link DIR-825 httpd ping6_response.cg get_ping6_app_stat buffer overflow
Weaknesses CWE-119
CWE-120
References
Metrics cvssV2_0

{'score': 9, 'vector': 'AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 8.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2025-09-08T14:42:59.955Z

Reserved: 2025-09-05T13:20:21.832Z

Link: CVE-2025-10034

cve-icon Vulnrichment

Updated: 2025-09-08T14:42:48.589Z

cve-icon NVD

Status : Analyzed

Published: 2025-09-06T15:15:34.163

Modified: 2025-09-29T18:29:06.463

Link: CVE-2025-10034

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-09-07T15:24:55Z