CVE-2018-25125
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-11-14
Last updated on: 2025-11-14
Assigner: VulnCheck
Description
Description
Netis ADSL Router DL4322D firmware RTK 2.1.1 contains a buffer overflow vulnerability in the embedded FTP service that allows an authenticated remote user to trigger a denial of service. After logging in to the FTP service, sending an FTP command such as ABOR with an excessively long argument causes the service, and in practice the router, to crash or become unresponsive, resulting in a loss of availability for the device and connected users.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| netis | adsl_router_dl4322d | 2.1.1 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a buffer overflow in the embedded FTP service of the Netis ADSL Router DL4322D firmware RTK 2.1.1. An authenticated remote user can exploit this by sending an FTP command like ABOR with an excessively long argument, which causes the FTP service and the router to crash or become unresponsive.
How can this vulnerability impact me? :
Exploiting this vulnerability results in a denial of service, causing the router and its FTP service to crash or become unresponsive. This leads to a loss of availability for the device and all users connected to it.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70