EUVD-2025-209315

| CVE-2025-52222 HIGH
2026-04-08 mitre
7.5
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

3
EUVD ID Assigned
Apr 08, 2026 - 18:16 euvd
EUVD-2025-209315
Analysis Generated
Apr 08, 2026 - 18:16 vuln.today
CVE Published
Apr 08, 2026 - 00:00 nvd
HIGH 7.5

Tags

Denial Of Service D-Link Buffer Overflow N A

Description

D-Link DI-8003 v16.07.26A1, DI-8500 v16.07.26A1; DI-8003G v17.12.21A1, DI-8200G v17.12.20A1, DI-8200 v16.07.26A1, DI-8400 v16.07.26A1, DI-8004w v16.07.26A1, DI-8100 v16.07.26A1, and DI-8100G v17.12.20A1 were discovered to contain a buffer overflow via the rd_en, rd_auth, rd_acct, http_hadmin, http_hadminpwd, rd_key, and rd_ip parameters in the radius_asp function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

Analysis

Buffer overflow in D-Link enterprise VPN router series (DI-8003, DI-8500, DI-8003G, DI-8200G, DI-8200, DI-8400, DI-8004w, DI-8100, DI-8100G) firmware versions 16.07.26A1 and 17.12.20A1/17.12.21A1 allows unauthenticated remote attackers to trigger denial of service via crafted HTTP requests exploiting rd_en, rd_auth, rd_acct, http_hadmin, http_hadminpwd, rd_key, and rd_ip parameters in radius_asp function. Attack requires no user interaction or authentication (CVSS:3.1 AV:N/AC:L/PR:N/UI:N). No public exploit identified at time of analysis.

Technical Context

Classic stack-based buffer overflow (CWE-120) in RADIUS configuration handling within web management interface. Vulnerable radius_asp function fails to validate input length for seven distinct parameters before copying to fixed-size buffers, enabling memory corruption. Exploitation targets HTTP administrative interface accessible over network without authentication barriers, affecting firmware branches 16.07.26A1 and 17.12.x across nine enterprise router SKUs.

Affected Products

D-Link DI-8003, DI-8500, DI-8200, DI-8400, DI-8004w, DI-8100 firmware 16.07.26A1; D-Link DI-8003G firmware 17.12.21A1; D-Link DI-8200G, DI-8100G firmware 17.12.20A1. All enterprise-grade VPN router platforms from same vendor product family.

Remediation

No vendor-released patch identified at time of analysis. D-Link security bulletin (https://www.dlink.com/en/security-bulletin/) should be monitored for firmware updates addressing CVE-2025-52222. Interim mitigations: restrict web management interface access to trusted internal networks only via firewall rules; disable remote administration on WAN-facing interfaces; implement dedicated management VLAN with ACLs; deploy intrusion prevention systems with signatures detecting malformed RADIUS parameter submissions. Organizations unable to isolate administrative interfaces should evaluate migration to patched alternative platforms given absence of confirmed remediation timeline and low observed exploitation activity (EPSS 0.02%).

Priority Score

38
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +38
POC: 0

Share

EUVD-2025-209315 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy