Description
A vulnerability was found in D-Link DIR-825M 1.1.12. This issue affects the function sub_414BA8 of the file /boafrm/formWanConfigSetup. The manipulation of the argument submit-url results in buffer overflow. The attack can be executed remotely. The exploit has been made public and could be used.
Published: 2026-04-28
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A buffer overflow exists in sub_414BA8 of the /boafrm/formWanConfigSetup file; by manipulating the submit‑url argument, an attacker can overwrite memory and gain arbitrary code execution on the device. The flaw permits remote exploitation via the device’s web interface.

Affected Systems

D-Link DIR‑825M routers running firmware 1.1.12 are known to be vulnerable.

Risk and Exploitability

The CVSS score of 8.7 indicates high severity; the EPSS score is not available, and it is not listed in the CISA KEV catalog. The exploit is publicly available and can be run remotely, likely through HTTP requests to the web management interface.

Generated by OpenCVE AI on April 28, 2026 at 19:12 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install a firmware revision that contains the fix for the formWanConfigSetup buffer overflow.
  • If an update is not yet available, block or restrict remote access to the firmware’s web management interface, especially the /boafrm/formWanConfigSetup endpoint.
  • Disable unmanaged WAN configuration changes through the web interface if possible, or replace the device with a less exposed solution.
  • Monitor network traffic and device logs for attempts to submit malicious submit-url parameters or other unusual requests.

Generated by OpenCVE AI on April 28, 2026 at 19:12 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 29 Apr 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 29 Apr 2026 10:30:00 +0000

Type Values Removed Values Added
First Time appeared D-link
D-link dir-825m
Vendors & Products D-link
D-link dir-825m

Tue, 28 Apr 2026 15:15:00 +0000

Type Values Removed Values Added
Description A vulnerability was found in D-Link DIR-825M 1.1.12. This issue affects the function sub_414BA8 of the file /boafrm/formWanConfigSetup. The manipulation of the argument submit-url results in buffer overflow. The attack can be executed remotely. The exploit has been made public and could be used.
Title D-Link DIR-825M formWanConfigSetup sub_414BA8 buffer overflow
Weaknesses CWE-119
CWE-120
References
Metrics cvssV2_0

{'score': 9, 'vector': 'AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 8.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}

Subscriptions

D-link Dir-825m
cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-04-29T15:03:14.519Z

Reserved: 2026-04-28T09:45:32.045Z

Link: CVE-2026-7289

cve-icon Vulnrichment

Updated: 2026-04-29T15:02:52.507Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-04-28T15:16:37.210

Modified: 2026-04-28T20:25:44.987

Link: CVE-2026-7289

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-29T10:10:40Z

Weaknesses