SB2025080510 - Multiple vulnerabilities in D-Link DI-8200
Published: August 5, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 secuirty vulnerabilities.
1) Stack-based buffer overflow (CVE-ID: CVE-2025-51383)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in the ipsec_road_asp function within the host_ip parameter. A remote user on the local network can trigger stack-based buffer overflow and cause a denial of service condition on the target system.
2) Stack-based buffer overflow (CVE-ID: CVE-2025-51384)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in the ipsec_net_asp function within the remot_ip parameter. A remote user on the local network can trigger stack-based buffer overflow and cause a denial of service condition on the target system.
3) Stack-based buffer overflow (CVE-ID: CVE-2025-51385)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in the yyxz_dlink_asp function within the id parameter. A remote user on the local network can trigger stack-based buffer overflow and cause a denial of service condition on the target system.
Remediation
Cybersecurity Help is not aware of any official remediation provided by the vendor.
References
- https://github.com/draw-hub/zMeedA/blob/master/CVE-2025-51383.md
- https://www.dlink.com/en/security-bulletin/
- https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10447
- https://github.com/draw-hub/zMeedA/blob/master/CVE-2025-51384.md
- https://github.com/draw-hub/zMeedA/blob/master/CVE-2025-51385.md