CVE-2025-10666

D-Link DIR-825 apply.cgi sub_4106d4 buffer overflow

Description

A security flaw has been discovered in D-Link DIR-825 up to 2.10. Affected by this vulnerability is the function sub_4106d4 of the file apply.cgi. The manipulation of the argument countdown_time results in buffer overflow. The attack can be executed remotely. The exploit has been released to the public and may be exploited. This vulnerability only affects products that are no longer supported by the maintainer.

INFO

Published Date :

2025-09-18T13:02:06.922Z

Last Modified :

2026-02-03T21:40:18.422Z

Source :

VulDB

AFFECTED PRODUCTS

The following products are affected by CVE-2025-10666 vulnerability.

Vendors	Products
D-link	Dir-825
Dlink	Dir-825 Dir-825 Firmware

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-10666.

URL	Resource
https://github.com/panda666-888/vuls/blob/main/d-link/dir-825/apply.cgi.md
https://github.com/panda666-888/vuls/blob/main/d-link/dir-825/apply.cgi.md#poc
https://vuldb.com/?ctiid.324787
https://vuldb.com/?id.324787
https://vuldb.com/?submit.652047
https://www.dlink.com/
https://www.exploit-db.com/exploits/52469

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact

Detailed values of each vector for above chart.

Access Vector

Access Complexity

Authentication

Confidentiality Impact

Integrity Impact

Availability Impact