CVE-2025-13553 – D-Link DWR-M920 formPinManageSetup sub_41C7FC buffer overflow

CVE ID : CVE-2025-13553

Published : Nov. 23, 2025, 2:15 p.m. | 1 hour, 5 minutes ago

Description : A weakness has been identified in D-Link DWR-M920 1.1.50. This affects the function sub_41C7FC of the file /boafrm/formPinManageSetup. This manipulation of the argument submit-url causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited.

Severity: 9.0 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2025-13873 – The feature to import a survey is prone to stored Cross-Site Script attacks

CVE-2025-13872 – Blind Server-Side Request Forgery (SSRF) in the survey-import feature of ObjectPlanet Opinio

CVE-2025-13871 – The feature to manage resources is prone to Cross-Site Request Forgery attacks

CVE-2025-13870 – Unauthorized access and subscription vulnerability in Boards