Rewterz

Multiple D-Link DSL-3782 Vulnerabilities

Severity

High

Analysis Summary

CVE-2025-25891 CVSS:7.5

D-Link DSL-3782 is vulnerable to a buffer overflow, caused by improper bounds checking. By sending a specially crafted packet, a remote attacker could overflow a buffer and cause the application to crash.

CVE-2025-25892 CVSS:9.8

D-Link DSL-3782 is vulnerable to a buffer overflow, caused by improper bounds checking for sstartip, sendip, dstartip, and dendip parameters. By sending a specially crafted packet, a remote attacker could overflow a buffer and cause the application to crash.

CVE-2025-25893 CVSS:9.8

D-Link DSL-3782 could allow a remote attacker to execute arbitrary commands on the system, caused by a command injection vulnerability. By sending a specially crafted request in the inIP, insPort, inePort, exsPort, exePort, and protocol parameters, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

CVE-2025-25894 CVSS:9.8

D-Link DSL-3782 could allow a remote attacker to execute arbitrary commands on the system, caused by an OS command injection vulnerability. By sending a specially crafted request in the samba_wg and samba_nbn parameters, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

CVE-2025-25895 CVSS:9.8

D-Link DSL-3782 could allow a remote attacker to execute arbitrary commands on the system, caused by an OS command injection vulnerability. By sending a specially crafted request in the public_type parameter, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

CVE-2025-25896 CVSS:9.8

D-Link DSL-3782 is vulnerable to a buffer overflow, caused by improper bounds checking for destination, netmask, and gateway parameters. By sending a specially crafted packet, a remote attacker could overflow a buffer and cause the application to crash.
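
As an added example (not part of the advisory and not D-Link code), a defender can screen form-encoded requests sent to the device's web interface for values in the parameters named above that do not match what the parameter names suggest. The expected formats (IPv4 addresses, port numbers, short alphanumeric tokens), the function names, and the sample request bodies are assumptions, since the advisory does not describe them.

```python
import ipaddress
import re
from urllib.parse import parse_qs

# Parameter names come from the advisory; the expected formats are assumptions.
IP_PARAMS = {"sstartip", "sendip", "dstartip", "dendip",
             "destination", "netmask", "gateway", "inIP"}
PORT_PARAMS = {"insPort", "inePort", "exsPort", "exePort"}
TOKEN_PARAMS = {"protocol", "public_type", "samba_wg", "samba_nbn"}
TOKEN_RE = re.compile(r"[A-Za-z0-9_-]{1,15}")  # assumed allow-list (NetBIOS-length names)
MAX_IP_LEN = 15  # longest dotted-quad IPv4 string


def check_value(name, value):
    """Return a reason string if value is suspicious for this parameter, else None."""
    if name in IP_PARAMS:
        if len(value) > MAX_IP_LEN:
            return "over-long value (%d chars)" % len(value)
        try:
            ipaddress.IPv4Address(value)
        except ValueError:
            return "not an IPv4 address"
    elif name in PORT_PARAMS:
        ok = len(value) <= 5 and value.isascii() and value.isdigit()
        if not (ok and 1 <= int(value) <= 65535):
            return "not a port number"
    elif name in TOKEN_PARAMS:
        if not TOKEN_RE.fullmatch(value):
            return "characters or length outside allow-list"
    return None  # parameters the advisory does not name are not judged here


def audit_request(body):
    """Parse a form-encoded body and list (parameter, reason) findings."""
    findings = []
    for name, values in parse_qs(body, keep_blank_values=True).items():
        for value in values:
            reason = check_value(name, value)
            if reason:
                findings.append((name, reason))
    return findings


# Constructed sample bodies, not captured traffic.
SAMPLES = [
    "inIP=192.168.1.20&insPort=80&inePort=80&exsPort=8080&exePort=8080&protocol=TCP",
    "inIP=192.168.1.20&insPort=80%3Bx&protocol=TCP",
    "destination=" + "A" * 300 + "&netmask=255.255.255.0&gateway=192.168.1.1",
]
```

Calling `audit_request` on each body returns an empty list for well-formed values and one finding per anomalous parameter, which can feed an alert on proxy or WAF logs in front of the device.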

Impact

  • Buffer Overflow
  • Gain Access

Indicators of Compromise

CVE

  • CVE-2025-25891
  • CVE-2025-25892
  • CVE-2025-25893
  • CVE-2025-25894
  • CVE-2025-25895
  • CVE-2025-25896

Affected Vendors

  • D-Link

Affected Products

  • D-Link DSL-3782 1.01

Remediation

Refer to the D-Link Website for patch, upgrade, or suggested workaround information.

D-Link Website