CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2025-2621 – D-Link DAP-1620 storage check_dws_cookie stack-based overflow
https://notcve.org/view.php?id=CVE-2025-2621
22 Mar 2025 — A vulnerability was found in D-Link DAP-1620 1.03 and classified as critical. This issue affects the function check_dws_cookie of the file /storage. The manipulation of the argument uid leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://vuldb.com/?ctiid.300623 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 9%CPEs: 1EXPL: 2CVE-2025-2620 – D-Link DAP-1620 Authentication storage mod_graph_auth_uri_handler stack-based overflow
https://notcve.org/view.php?id=CVE-2025-2620
22 Mar 2025 — A vulnerability has been found in D-Link DAP-1620 1.03 and classified as critical. This vulnerability affects the function mod_graph_auth_uri_handler of the file /storage of the component Authentication Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/Otsmane-Ahmed/CVE-2025-2620-poc • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2025-2619 – D-Link DAP-1620 Cookie storage check_dws_cookie stack-based overflow
https://notcve.org/view.php?id=CVE-2025-2619
22 Mar 2025 — A vulnerability, which was classified as critical, was found in D-Link DAP-1620 1.03. This affects the function check_dws_cookie of the file /storage of the component Cookie Handler. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://vuldb.com/?ctiid.300621 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2025-2618 – D-Link DAP-1620 Path api set_ws_action heap-based overflow
https://notcve.org/view.php?id=CVE-2025-2618
22 Mar 2025 — A vulnerability, which was classified as critical, has been found in D-Link DAP-1620 1.03. Affected by this issue is the function set_ws_action of the file /dws/api/ of the component Path Handler. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://vuldb.com/?ctiid.300620 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •