CVE-2020-10215

An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the dnsqueryname parameter in a dnsquery.cgi POST request. TRENDnet TEW-632BRP 1.010B32 is also affected...

CVE-2025-6292

CVE-2025-6292 affects D-Link DIR-825, specifically version 2.03. The issue stems from the HTTP POST Request Handler’s sub_4091AC function, which can be triggered remotely to cause a stack-based buffer overflow. Public exploitation is indicated, and the vulnerability targets devices no longer supp...

CVE-2020-10213

An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the wpsstaenrolleepin parameter in a setstaenrolleepin.cgi POST request. TRENDnet TEW-632BRP 1.010B32 is also affected...

PT-2022-26988 · D Link · D-Link Dir-825

Name of the Vulnerable Software and Affected Versions: D-Link DIR-825 version 1.0.9/EE Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations. Authentication is not required to exploit this issue. The specific flaw exists within the YouTube...

CVE-2021-29296

Null Pointer Dereference vulnerability in D-Link DIR-825 2.10b02, which could let a remote malicious user cause a denial of service. The vulnerability could be triggered by sending an HTTP request with URL /vctwan; the sbin/httpd would invoke the strchr function and take NULL as a first argument,...