CVE-2025-13188 PUBLISHED

A vulnerability was detected in D-Link DIR-816L 2_06_b09_beta. Affected by this vulnerability is the function authenticationcgi_main of the file /authentication.cgi. Performing manipulation of the argument Password results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit is now public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

• Lexpl0it (VulDB User) reporter

• VDB-332476 | D-Link DIR-816L authentication.cgi authenticationcgi_main stack-based overflow
• VDB-332476 | CTI Indicators (IOB, IOC, IOA)
• Submit #685538 | D-Link DIR-816L DIR816L_REVB_FW_2_06_b09_beta Stack-based Buffer Overflow
• https://github.com/scanleale/IOT_sec/blob/main/DIR-816L%20stack%20overflow(authentication.cgi).pdf
• https://www.dlink.com/

• Stack-based Buffer Overflow CWE
• Memory Corruption CWE