Rewterz

FormBook Malware – Active IOCs

April 21, 2025
Rewterz

Multiple Cisco Products Vulnerabilities

April 21, 2025

CVE-2025-3785 – D-Link DWR-M961 Vulnerability

Severity

High

Analysis Summary

CVE-2025-3785

A vulnerability has been found in D-Link DWR-M961 1.1.36 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formStaticDHCP of the component Authorization Interface. The manipulation of the argument Hostname leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.1.49 is able to address this issue. It is recommended to upgrade the affected component.

Impact

  • Buffer Overflow

Indicators of Compromise

CVE

  • CVE-2025-3785

Affected Vendors

  • D-Link

Affected Products

  • D-Link DWR-M961 1.1.36

Remediation

Refer to D-Link Website for patch, upgrade, or suggested workaround information.

D-Link Website

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.