CVE-2025-61577

HIGH EPSS 91.6%

Published Oct 9, 20258mo ago · Modified Jun 17, 20261w ago

7.5 CVSS 3.1

High

Published Oct 9, 2025 8mo ago

Last Modified Jun 17, 2026 1w ago

Description

D-Link DIR-816A2_FWv1.10CNB05 was discovered to contain a stack overflow via the statuscheckpppoeuser parameter in the dir_setWanWifi function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

CVSS Details

Base Score

7.5

Exploitability

3.9

Impact

3.6

Vector string

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector Network

Attack Complexity Low

Privileges Required None

User Interaction None

Scope Unchanged

Confidentiality None

Integrity None

Availability High

Threat Intelligence

EPSS Exploit Probability

91.6% percentile

Exploit & Patch Status

Public Exploit Known

No Patch Available

Weaknesses 1

CWE-121

Affected Products 2

Vendor	Product	Version	Range
dlink	dir-816_firmware	1.10cnb05	any
dlink	dir-816	a2	any

References 3

github.com https://github.com/Flechao1/iot-vuln/blob/main/dlink-816-b05.md

ExploitThird Party Advisory
github.com https://github.com/peris-navince/founded-0-days/blob/main/Dlink/816/dir_setWanWifi/1.md

ExploitThird Party Advisory
dlink.com https://www.dlink.com/en/security-bulletin/

Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.