CVE-2025-1876: D-Link DAP-1562 HTTP Header http_request_parse stack-based overflow
First published: Mon Mar 03 2025(Updated: )
A vulnerability, which was classified as critical, has been found in D-Link DAP-1562 1.10. Affected by this issue is the function http_request_parse of the component HTTP Header Handler. The manipulation of the argument Authorization leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| D-Link DAP-1562 Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-1876?
CVE-2025-1876 is classified as a critical vulnerability.
How does CVE-2025-1876 exploit the D-Link DAP-1562?
CVE-2025-1876 exploits the function http_request_parse in the HTTP Header Handler, leading to stack-based buffer overflow.
What devices are affected by CVE-2025-1876?
The D-Link DAP-1562 is the affected device for CVE-2025-1876.
How can I mitigate CVE-2025-1876?
To mitigate CVE-2025-1876, you should update the firmware of the D-Link DAP-1562 to the latest version provided by the vendor.
Is CVE-2025-1876 exploitable remotely?
Yes, CVE-2025-1876 can be exploited remotely if the device is accessible over the network.
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/title
- agent/description
- agent/first-publish-date
- agent/type
- agent/softwarecombine
- agent/source
- agent/severity
- agent/author
- agent/event
- agent/tags
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/d-link
- canonical/d-link dap-1562 firmware