CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-15193

A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. This affects the function sub_423848 of the file /boafrm/formParentControl. Performing manipulation of the argument submit-url results in buffer overflow. The attack is possible to be carried out remotely. The exploit is now public and may be used.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 24.9%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 9.0

References

https://github.com/panda666-888/vuls/blob/main/d-link/dwr-m920/formParentControl.md
https://github.com/panda666-888/vuls/blob/main/d-link/dwr-m920/formParentControl.md#poc
https://vuldb.com/?ctiid.338578
https://vuldb.com/?id.338578
https://vuldb.com/?submit.723556
https://www.dlink.com/

Products affected by CVE-2025-15193

Dlink » Dwr-M920 » Version: N/A

cpe:2.3:h:dlink:dwr-m920:-
Dlink » Dwr-M920 Firmware » Version: Any

cpe:2.3:o:dlink:dwr-m920_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-15193

Products

Pricing

Contact Us