Cyber Resilience

CVE-2025-7910

HighPublic PoC

Published: 20 July 2025

Published
20 July 2025
Modified
25 July 2025
KEV Added
Patch
CVSS Score v4 7.4 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0198 84.0th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-7910 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Dlink Dir-513 Firmware. Its CVSS base score is 7.4 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 16.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SA-22 (Unsupported System Components) and SC-7 (Boundary Protection).

Deeper analysis

A critical stack-based buffer overflow vulnerability, tracked as CVE-2025-7910, affects the D-Link DIR-513 wireless router running firmware version 1.10. The flaw resides in the sprintf function within the /goform/formSetWanNonLogin endpoint of the Boa Webserver component; unsanitized input supplied to the curTime argument can overflow the stack buffer. The issue is tracked under CWE-119 and CWE-121 and carries a CVSS 4.0 score of 7.4.

An authenticated remote attacker can send a crafted HTTP request to the affected endpoint and achieve arbitrary code execution or a denial-of-service condition on the device. The vulnerability can be triggered over the network without user interaction, and a working exploit has already been published.

The affected hardware is explicitly described as end-of-life and unsupported by D-Link, so no vendor patches are expected. Public references include a detailed proof-of-concept on GitHub and entries in the VulDB database; the current EPSS score remains flat at 0.0198 with no observed increase since disclosure.

EU & UK References

Vulnerability details

A vulnerability classified as critical has been found in D-Link DIR-513 1.10. This affects the function sprintf of the file /goform/formSetWanNonLogin of the component Boa Webserver. The manipulation of the argument curTime leads to stack-based buffer overflow. It is possible…

more

to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Remote stack-based buffer overflow in public-facing Boa webserver form handler enables arbitrary code execution via crafted HTTP requests to Exploit Public-Facing Application.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-7909Same product: Dlink Dir-513
CVE-2026-3978Same product: Dlink Dir-513
CVE-2025-8184Same product: Dlink Dir-513
CVE-2025-8159Same product: Dlink Dir-513
CVE-2025-70232Same product: Dlink Dir-513
CVE-2025-70219Same product: Dlink Dir-513
CVE-2025-70225Same product: Dlink Dir-513
CVE-2025-70246Same product: Dlink Dir-513
CVE-2025-70220Same product: Dlink Dir-513
CVE-2025-70242Same product: Dlink Dir-513

Affected Assets

dlink
dir-513 firmware
1.10

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Prohibits the use of unsupported end-of-life system components like the D-Link DIR-513 router, directly preventing exposure to this unpatchable stack-based buffer overflow vulnerability.

prevent

Enforces boundary protection to monitor and control remote network access to the vulnerable /goform/formSetWanNonLogin endpoint, blocking exploitation over the network.

prevent

Implements memory protections such as non-executable stacks and address space randomization to mitigate successful exploitation of the stack-based buffer overflow in sprintf.

References