CVE-2025-25742
Published: 12 February 2025
Summary
CVE-2025-25742 is a critical-severity Out-of-bounds Write (CWE-787) vulnerability in D-Link DIR-853 firmware. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE is ranked in the top 11.2% of CVEs by exploit likelihood, it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
D-Link DIR-853 A1 firmware version FW1.20B07 contains a stack-based buffer overflow vulnerability in the SetSysEmailSettings module, triggered by the AccountPassword parameter. The flaw is tracked as CVE-2025-25742 with CWE-787 and carries a CVSS 3.1 score of 9.8, reflecting a network attack vector, low complexity, and no required privileges or user interaction.
An unauthenticated remote attacker can send a crafted HTTP request containing an oversized AccountPassword value to trigger the overflow. Successful exploitation grants the attacker the ability to execute arbitrary code, resulting in complete compromise of the device's confidentiality, integrity, and availability.
The single reference is a third-party disclosure note; it contains no vendor advisory, patch information, or mitigation steps. The associated EPSS values have remained low and stable since publication.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-4131
Vulnerability details
D-Link DIR-853 A1 FW1.20B07 was discovered to contain a stack-based buffer overflow vulnerability via the AccountPassword parameter in the SetSysEmailSettings module.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The unauthenticated remote stack-based buffer overflow in the public-facing SetSysEmailSettings module of the D-Link router directly enables arbitrary code execution via exploitation of a public-facing application.
Mitigating Controls
Mitigating Controls (NIST 800-53 r5)
- Directly enforces bounds checking and input validation on parameters like AccountPassword to prevent stack-based buffer overflows in the SetSysEmailSettings module.
- Implements memory protections such as stack canaries, ASLR, and DEP to mitigate exploitation of stack-based buffer overflows leading to arbitrary code execution.
- Requires timely identification, reporting, and patching of flaws like this buffer overflow via firmware updates for the D-Link DIR-853 router.