CVE-2025-10779

🗓️ 22 Sep 2025 03:02:07Reported by VulDBType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 25 Views🌐 WEB

CVE-2025-10779 is a remote stack overflow in D-Link DCS-935L HNAP1 sub_402280 up to version 1.13.01.

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2025-10779	22 Sep 202504:32	–	circl
CNNVD	D-Link DCS-935L 安全漏洞	22 Sep 202500:00	–	cnnvd
CNVD	D-Link DCS-935L Buffer Overflow Vulnerability	25 Sep 202500:00	–	cnvd
Cvelist	CVE-2025-10779 D-Link DCS-935L HNAP1 sub_402280 stack-based overflow	22 Sep 202503:02	–	cvelist
EUVD	EUVD-2025-30398	3 Oct 202520:07	–	euvd
NVD	CVE-2025-10779	22 Sep 202504:15	–	nvd
OpenVAS	D-Link Multiple DCS IP Camera Devices Multiple Vulnerabilities (SAP10247)	27 Jun 202500:00	–	openvas
Positive Technologies	PT-2025-38678	13 Sep 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-10779	24 Sep 202503:23	–	redhatcve
Vulnrichment	CVE-2025-10779 D-Link DCS-935L HNAP1 sub_402280 stack-based overflow	22 Sep 202503:02	–	vulnrichment

NVD

Vulners

Node

dlink dcs-935l_firmwareRange≤1.13.01

AND

dlink dcs-935lMatch-

[
  {
    "vendor": "D-Link",
    "product": "DCS-935L",
    "versions": [
      {
        "version": "1.13.01",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/scanleale/IOT_sec/blob/main/DCS-935L-2.pdf
github	www.github.com/scanleale/IOT_sec/blob/main/DCS-935L-1.pdf
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
dlink	www.dlink.com/
vuldb	www.vuldb.com/

Parameter	Position	Path	Description	CWE
HNAP_AUTH	header	HNAP1/	Stack-based buffer overflow via manipulation of HNAP_AUTH/SOAPAction in HNAP1/ endpoint	CWE-787, CWE-121, CWE-119
SOAPAction	header	HNAP1/	Stack-based buffer overflow via manipulation of HNAP_AUTH/SOAPAction in HNAP1/ endpoint	CWE-787, CWE-121, CWE-119

25 Sep 2025 20:01Current

8.9High risk

Vulners AI Score8.9

CVSS 3.18.8 - 9.8

CVSS 48.7

CVSS 29

CVSS 38.8

EPSS0.00266

SSVC

D-Link DCS-935L SOAPAction overflow remote exploit version 1.13.01