CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-0492: D-Link DIR-823X FUN_00412244 null pointer dereference

8.7 CVSS

Description

A vulnerability has been found in D-Link DIR-823X 240126/240802 and classified as critical. Affected by this vulnerability is the function FUN_00412244. The manipulation leads to null pointer dereference. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. In D-Link DIR-823X 240126/240802 wurde eine Schwachstelle gefunden. Sie wurde als kritisch eingestuft. Betroffen ist die Funktion FUN_00412244. Durch Manipulieren mit unbekannten Daten kann eine null pointer dereference-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung.

Classification

CVE ID: CVE-2025-0492

CVSS Base Severity: HIGH

CVSS Base Score: 8.7

Affected Products

Vendor: D-Link

Product: DIR-823X

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.05% (probability of being exploited)

EPSS Percentile: 17.81% (scored less or equal to compared to others)

EPSS Date: 2025-02-13 (when was this score calculated)

References

https://vuldb.com/?id.291937
https://vuldb.com/?ctiid.291937
https://vuldb.com/?submit.475301
https://tasty-foxtrot-3a8.notion.site/D-link-DIR-823X-FUN_00412244-NULL-Pointer-Dereference-1730448e619580fcb7f9d871c6e7190a
https://www.dlink.com/

Timeline

2025-01-16 00:31:12 UTC
CVE

D-Link DIR-823X FUN_00412244 null pointer dereference