CVE-2025-1877: D-Link DAP-1562 HTTP POST Request pure_auth_check null pointer dereference
First published: Mon Mar 03 2025(Updated: )
A vulnerability, which was classified as critical, was found in D-Link DAP-1562 1.10. This affects the function pure_auth_check of the component HTTP POST Request Handler. The manipulation of the argument a1 leads to null pointer dereference. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| D-Link DAP-1562 Firmware | ||
| All of | ||
| =1.10 | ||
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-1877?
CVE-2025-1877 is classified as a critical vulnerability.
How do I fix CVE-2025-1877?
To fix CVE-2025-1877, update the D-Link DAP-1562 to the latest firmware version that addresses this vulnerability.
What component is affected by CVE-2025-1877?
CVE-2025-1877 affects the pure_auth_check function of the HTTP POST Request Handler in the D-Link DAP-1562.
What type of attack is possible with CVE-2025-1877?
CVE-2025-1877 can lead to a null pointer dereference attack.
Which devices are affected by CVE-2025-1877?
CVE-2025-1877 specifically affects the D-Link DAP-1562 version 1.10.
- agent/weakness
- agent/type
- agent/first-publish-date
- agent/description
- agent/references
- agent/title
- agent/author
- agent/source
- agent/event
- agent/last-modified-date
- agent/severity
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- vendor/d-link
- canonical/d-link dap-1562 firmware
- vendor/dlink