Overview CVE-2025-13553 is a high-severity buffer overflow vulnerability affecting D-Link DWR-M920 routers running firmware version 1.1.50. This vulnerability allows remote attackers to potentially execute arbitrary code on the affected device. A public exploit is already available, increasing the risk of widespread exploitation. Technical Details The vulnerability resides in the sub_41C7FC function within the /boafrm/formPinManageSetup file. The attack is triggered by manipulating the submit-url argument, leading to a buffer overflow. Because the vulnerability is remotely exploitable, devices exposed to the internet are particularly at risk. Successful exploitation can allow a malicious actor to gain complete control of the device, potentially leading…
-
-
Overview A high-severity security vulnerability, identified as CVE-2025-13552, has been discovered in D-Link DIR-822K and DWR-M920 routers. This flaw allows remote attackers to execute arbitrary code due to a buffer overflow in the /boafrm/formWlEncrypt function when handling the submit-url argument. The exploit has been publicly released, increasing the risk of active exploitation. Technical Details The vulnerability resides within an unspecified function of the /boafrm/formWlEncrypt file in D-Link DIR-822K and DWR-M920 routers, specifically versions 1.00_20250513164613 (DIR-822K) and 1.1.50 (DWR-M920). By manipulating the submit-url argument, an attacker can trigger a buffer overflow. The nature of the overflow allows for remote code execution,…
-
Overview A high-severity buffer overflow vulnerability, identified as CVE-2025-13551, has been discovered in D-Link DIR-822K and DWR-M920 routers. This vulnerability allows remote attackers to potentially execute arbitrary code on affected devices. Given the availability of public exploits, immediate action is recommended. Technical Details The vulnerability resides in the /boafrm/formWanConfigSetup file within the router’s firmware. Specifically, the submit-url argument is susceptible to a buffer overflow when manipulated with excessively long input. An attacker can exploit this flaw by sending a crafted request to the router, potentially overwriting memory and gaining control of the device. Affected Products: D-Link DIR-822K 1.00_20250513164613 D-Link DWR-M920…
-
Overview A high-severity buffer overflow vulnerability, identified as CVE-2025-13550, has been discovered in specific versions of D-Link routers. This vulnerability affects the D-Link DIR-822K and DWR-M920 models. Successful exploitation of this flaw could allow a remote attacker to execute arbitrary code on the affected device. Technical Details The vulnerability exists in the /boafrm/formVpnConfigSetup file. By manipulating the submit-url argument, an attacker can trigger a buffer overflow. The affected firmware versions are 1.00_20250513164613 for DIR-822K and 1.1.50 for DWR-M920. The exploit for this vulnerability has been publicly disclosed, increasing the risk of malicious exploitation. CVSS Analysis The Common Vulnerability Scoring System…
-
Overview A high-severity vulnerability, identified as CVE-2025-13549, has been discovered in the D-Link DIR-822K router, version 1.00. This vulnerability is a buffer overflow that can be exploited remotely, potentially allowing attackers to gain control of the affected device. The exploit is publicly available, making it crucial for users to take immediate action. Technical Details The vulnerability lies within the sub_455524 function of the /boafrm/formNtp file. It is triggered by manipulating the submit-url argument. By providing an overly long input for this argument, an attacker can cause a buffer overflow, potentially overwriting critical memory regions and executing arbitrary code on the…
-
Overview A high-severity vulnerability, identified as CVE-2025-13548, has been discovered in D-Link DIR-822K and DWR-M920 routers. This vulnerability, a buffer overflow, allows a remote attacker to potentially execute arbitrary code on the affected devices. This article provides a detailed analysis of the vulnerability, its potential impact, and recommended mitigation steps. Technical Details CVE-2025-13548 affects D-Link DIR-822K and DWR-M920 routers running firmware versions 1.00_20250513164613 and 1.1.50, respectively. The vulnerability resides in the /boafrm/formFirewallAdv component. By manipulating the submit-url argument, an attacker can trigger a buffer overflow, potentially leading to arbitrary code execution. The exploit is publicly available, increasing the risk of…
-
Overview A high-severity vulnerability, identified as CVE-2025-13547, has been discovered in D-Link DIR-822K and DWR-M920 routers. This flaw allows a remote attacker to cause memory corruption, potentially leading to denial of service or even arbitrary code execution. The vulnerability resides within the handling of the ‘submit-url’ argument in the ‘/boafrm/formDdns’ file. Technical Details CVE-2025-13547 is a memory corruption vulnerability affecting D-Link DIR-822K and DWR-M920 routers, specifically firmware versions 1.00_20250513164613 for DIR-822K and 1.1.50 for DWR-M920. The vulnerability is triggered through the manipulation of the ‘submit-url’ argument in the ‘/boafrm/formDdns’ file. An attacker can remotely exploit this flaw by crafting a…
-
Overview CVE-2025-13546 describes a medium-severity SQL Injection vulnerability discovered in the ashraf-kabir travel-agency software. The vulnerability resides in the /results.php file, specifically affecting the Search component. A malicious actor can remotely exploit this flaw by manipulating the user_query argument. The exploit is now publicly available, increasing the risk of active exploitation. Due to the absence of versioning information for this product, determining affected or unaffected releases is impossible. Technical Details The vulnerability lies within the /results.php script, a component responsible for handling search queries. By injecting malicious SQL code into the user_query parameter, an attacker can bypass intended data validation…
-
Overview CVE-2025-13545 describes a medium severity SQL injection vulnerability found in the ashraf-kabir travel agency software, specifically affecting versions up to commit 1f25aa03544bc5fb7a9e846f8a7879cecdb0cad3. The vulnerability resides within the /admin_area/index.php file and is triggered through manipulation of the edit_pack argument. This allows for remote exploitation. A public exploit is available, making this vulnerability readily exploitable. Unfortunately, the vendor utilizes continuous delivery with rolling releases, making it difficult to pinpoint specific affected versions or available updates. Attempts to contact the vendor regarding this disclosure have been unsuccessful. Technical Details The vulnerability is a classic SQL injection. By crafting a malicious input for…
-
Overview CVE-2025-13544 describes a medium severity unrestricted file upload vulnerability affecting the ashraf-kabir travel-agency software. This vulnerability, discovered in the /customer_register.php file, allows remote attackers to upload arbitrary files, potentially leading to code execution or other malicious activities on the server. Technical Details The vulnerability resides within an unknown function of the /customer_register.php file. By manipulating input during the customer registration process, an attacker can bypass file type restrictions and upload malicious files to the server. The specific commit affected is up to 1f25aa03544bc5fb7a9e846f8a7879cecdb0cad3. The vendor utilizes rolling releases, making specific version identification difficult. The vulnerability has been publicly disclosed,…