CVE-2025-25745
CVSS 3.1 Score 8.8 of 10 (high)
Details
Summary
CVE-2025-25745 refers to a buffer overflow vulnerability identified in D-Link DIR-853 A1 Firmware FW1.20B07. This issue arises due to an insufficient size validation check in the handling of the Password parameter within the SetQuickVPNSettings module. An attacker can exploit this vulnerability by sending specially crafted password data, leading to a stack buffer overflow. Successful exploitation could result in arbitrary code execution, potentially allowing unauthorized access or system takeover. Users are urged to update their firmware as soon as possible to address this security concern.
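The bug class described in the summary, as an added C example that is not D-Link's firmware code: an unchecked copy into a fixed stack buffer beside a handler that validates the length first. The function names, the struct and the 64-byte limit are hypothetical; the page does not give the real buffer size or code.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed limit for illustration; the firmware's real buffer size is not on the page. */
#define VPN_PASSWORD_MAX 64

enum vpn_status { VPN_OK = 0, VPN_ERR_MISSING = -1, VPN_ERR_TOO_LONG = -2 };

struct vpn_settings { char password[VPN_PASSWORD_MAX + 1]; };

/* Unsafe pattern (hypothetical): no size check before copying into a
 * fixed stack buffer. Shown for contrast only; never called here. */
void set_password_unchecked(const char *password)
{
    char buf[VPN_PASSWORD_MAX + 1];
    strcpy(buf, password);   /* writes past buf when the input is longer */
    (void)buf;
}

/* Hardened handler (hypothetical): input_len is the number of bytes the
 * request parser received for the Password field. */
int set_quickvpn_password(struct vpn_settings *out, const char *password,
                          size_t input_len)
{
    if (out == NULL || password == NULL)
        return VPN_ERR_MISSING;
    /* Bounded scan: never reads past input_len, even if unterminated. */
    const char *nul = memchr(password, '\0', input_len);
    size_t len = nul ? (size_t)(nul - password) : input_len;
    if (len == 0)
        return VPN_ERR_MISSING;
    if (len > VPN_PASSWORD_MAX)
        return VPN_ERR_TOO_LONG;   /* reject; silently truncating a password is a bug */
    memcpy(out->password, password, len);
    out->password[len] = '\0';
    return VPN_OK;
}

int main(void)
{
    struct vpn_settings s = {{0}};
    char big[200];
    memset(big, 'A', sizeof big);   /* constructed oversized input */
    printf("normal=%d oversized=%d\n",
           set_quickvpn_password(&s, "constructed-pass", 16),
           set_quickvpn_password(&s, big, sizeof big));
    return 0;
}
```

Rejecting the oversized value before any copy leaves the previously stored setting untouched, which also gives the device a clean event to log.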
Affected Products
- DIR-853 A1
Affected Vendors
- D-Link Corporation