ГлавнаяУязвимости → CVE-2025-52222
7.5высокая

CVE-2025-52222

Описание

D-Link DI-8003 v16.07.26A1, DI-8500 v16.07.26A1; DI-8003G v17.12.21A1, DI-8200G v17.12.20A1, DI-8200 v16.07.26A1, DI-8400 v16.07.26A1, DI-8004w v16.07.26A1, DI-8100 v16.07.26A1, and DI-8100G v17.12.20A1 were discovered to contain a buffer overflow via the rd_en, rd_auth, rd_acct, http_hadmin, http_hadminpwd, rd_key, and rd_ip parameters in the radius_asp function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

Затрагиваемое ПО
Dlink Di-8100 firmwareDlink Di-8100Dlink Di-8100g firmwareDlink Di-8100gDlink Di-8004w firmwareDlink Di-8004wDlink Di-8003g firmwareDlink Di-8003gDlink Di-8003 firmwareDlink Di-8003Dlink Di-8500 firmwareDlink Di-8500Dlink Di-8200g firmwareDlink Di-8200gDlink Di-8200 firmwareDlink Di-8200Dlink Di-8400 firmwareDlink Di-8400
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Источники
https://github.com/xiaotea/iot-vulnerability-collection/blob/main/README.mdhttps://www.dlink.com/en/security-bulletin/