CVE-2025-10034

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-10034

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-10034.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-10034

Published

2025-09-06T15:15:34.163Z

Modified

2026-03-14T12:41:02.347691Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A vulnerability was found in D-Link DIR-825 1.08.01. This impacts the function getping6appstat of the file ping6response.cg of the component httpd. Performing manipulation of the argument ping6_ipaddr results in buffer overflow. It is possible to initiate the attack remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer.

References

Affected packages

Git /

Affected ranges

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-10034.json"

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "1.08.01"
            }
        ]
    }
]