- Description
- A vulnerability, which was classified as critical, has been found in D-Link DAP-1620 1.03. Affected by this issue is the function set_ws_action of the file /dws/api/ of the component Path Handler. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
- Source
- cna@vuldb.com
- NVD status
- Analyzed
- CNA Tags
- unsupported-when-assigned
CVSS 4.0
- Type
- Secondary
- Base score
- 9.3
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- CRITICAL
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Secondary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
- Hype score
- Not currently trending
🚨 CVE-2025-2618 ⚠️🔴 CRITICAL (9.3) 🏢 D-Link - DAP-1620 🏗️ 1.03 🔗 https://t.co/dcQ9uNGLvH 🔗 https://t.co/ZQG6JhtZhg 🔗 https://t.co/gKRYnoHuxx 🔗 https://t.co/yapWh1Bopu 🔗 https://t.co/sYyss3yo3N #CyberCron #VulnAlert #InfoSec https://t.co/9Fiz2zDVKN
@cybercronai
22 Mar 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
�� CVE-2025-2618 - D-Link DAP-1620 - HIGH 🚨 🗓️ Date published 2025-03-22 14:15:16 UTC #D-LinkDAP-1620 #CyberSecurity #InfoSec #Vulnerability #TechNews https://t.co/YPmD6rfNHg
@vulns_space
22 Mar 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-2618: CRITICAL] Critical vulnerability in D-Link DAP-1620 1.03 found. Exploit allows remote heap-based buffer overflow. Disclosure made for unsupported products. #cybersecurity#cybersecurity,#vulnerability https://t.co/5QYbdKO7tw https://t.co/WOa9mEIFp9
@CveFindCom
22 Mar 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-2618 A vulnerability, which was classified as critical, has been found in D-Link DAP-1620 1.03. Affected by this issue is the function set_ws_action of the file /dws/api/ of… https://t.co/RlcBnHNoHz
@CVEnew
22 Mar 2025
135 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dap-1620_firmware:1.03:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D7AC78AA-D1B1-401C-A98A-1409533F4F77"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dap-1620:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D651B571-E516-40C6-84A0-17EF83DC9D57"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]