CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-13189

A vulnerability has been found in D-Link DIR-816L 2_06_b09_beta. This affects the function genacgi_main of the file gena.cgi. The manipulation of the argument SERVER_ID/HTTP_SID leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 8.9%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 9.0

References

https://github.com/scanleale/IOT_sec/blob/main/DIR-816L%20stack%20overflow(gena.cgi).pdf
https://vuldb.com/?ctiid.332478
https://vuldb.com/?id.332478
https://vuldb.com/?submit.685540
https://www.dlink.com/
https://github.com/scanleale/IOT_sec/blob/main/DIR-816L%20stack%20overflow(gena.cgi).pdf

Products affected by CVE-2025-13189

Dlink » Dir-816l » Version: N/A

cpe:2.3:h:dlink:dir-816l:-
Dlink » Dir-816l Firmware » Version: 2.06.b09

cpe:2.3:o:dlink:dir-816l_firmware:2.06.b09

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-13189

Products

Pricing

Contact Us