CVE-2025-1539

HIGH

D-Link DAP-1320 1.00 - Stack-Based Buffer Overflow in replace_special_char Function

Title source: llm

Description

A vulnerability, which was classified as critical, has been found in D-Link DAP-1320 1.00. Affected by this issue is the function replace_special_char of the file /storagein.pd-XXXXXX. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

References (6)

Core 6

Core References

Permissions Required vdb-entry technical-description

https://vuldb.com/?id.296480

Permissions Required signature permissions-required

https://vuldb.com/?ctiid.296480

Third Party Advisory third-party-advisory

https://vuldb.com/?submit.497496

Third Party Advisory exploit

https://tasty-foxtrot-3a8.notion.site/D-link-DAP-1320-replace_special_char-Vulnerability-1960448e6195809c94f9fd2ff1f59bcf?pvs=4

Product related

https://legacy.us.dlink.com/pages/product.aspx?id=4b2bbe2e3f1d440ea65bc56c7e3dcc5c

Product product

https://www.dlink.com/

Scores

CVSS v3 8.8

EPSS 0.0011

EPSS Percentile 28.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-119 CWE-121 CWE-787

Status published

Products (1)

dlink/dap-1320_firmware 1.0

Published Feb 21, 2025

Tracked Since Feb 18, 2026