Description
Netis ADSL Router DL4322D firmware RTK 2.1.1 contains a buffer overflow vulnerability in the embedded FTP service that allows an authenticated remote user to trigger a denial of service. After logging in to the FTP service, sending an FTP command such as ABOR with an excessively long argument causes the service, and in practice the router, to crash or become unresponsive, resulting in a loss of availability for the device and connected users.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by cakes · python · dos · hardware
https://www.exploit-db.com/exploits/45424
References (4)
Scores
CVSS v4: 8.7
EPSS: 0.0030
EPSS Percentile: 53.0%
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
CISA SSVC
Vulnrichment
Exploitation: none
Automatable: yes
Technical Impact: partial
Details
CWE: CWE-120
Status: published
Products (1)
Netis Systems Co., Ltd./DL4322D: < RTK 2.1.1
Published: Nov 14, 2025
Tracked Since: Feb 18, 2026