CVE-2025-60679
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-11-13

Last updated on: 2025-11-17

Assigner: MITRE

Description
A stack buffer overflow vulnerability exists in the D-Link DIR-816A2 router firmware DIR-816A2_FWv1.10CNB05_R1B011D88210.img in the upload.cgi module, which handles firmware version information. The vulnerability occurs because /proc/version is read into a 512-byte buffer and then concatenated using sprintf() into another 512-byte buffer containing a 29-byte constant. Input exceeding 481 bytes triggers a stack buffer overflow, allowing an attacker who can control /proc/version content to potentially execute arbitrary code on the device.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-11-13
Last Modified
2025-11-17
Generated
2026-06-16
AI Q&A
2025-11-13
EPSS Evaluated
2026-06-15
NVD
CVE-2025-60679
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
dlink dir-816_firmware 1.10cnb05_r1b011d88210
dlink dir-816 a2
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-121 A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a stack buffer overflow in the D-Link DIR-816A2 router firmware's upload.cgi module. It happens because the firmware reads the /proc/version file into a 512-byte buffer and then concatenates it into another 512-byte buffer with a 29-byte constant using sprintf(). If the input from /proc/version exceeds 481 bytes, it causes a stack buffer overflow, which can allow an attacker who controls the /proc/version content to execute arbitrary code on the device.

Impact Analysis

This vulnerability can allow an attacker to execute arbitrary code on the affected router device if they can control the /proc/version content. This could lead to unauthorized control over the device, potentially compromising network security, intercepting or altering network traffic, or using the device as a foothold for further attacks.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-60679. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart