CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-1877 – D-Link DAP-1562 HTTP POST Request pure_auth_check null pointer dereference
https://notcve.org/view.php?id=CVE-2025-1877
03 Mar 2025 — A vulnerability, which was classified as critical, was found in D-Link DAP-1562 1.10. This affects the function pure_auth_check of the component HTTP POST Request Handler. The manipulation of the argument a1 leads to null pointer dereference. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://vuldb.com/?ctiid.298191 • CWE-404: Improper Resource Shutdown or Release CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-1876 – D-Link DAP-1562 HTTP Header http_request_parse stack-based overflow
https://notcve.org/view.php?id=CVE-2025-1876
03 Mar 2025 — A vulnerability, which was classified as critical, has been found in D-Link DAP-1562 1.10. Affected by this issue is the function http_request_parse of the component HTTP Header Handler. The manipulation of the argument Authorization leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://vuldb.com/?ctiid.298190 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •