{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T01:52:19.939","vulnerabilities":[{"cve":{"id":"CVE-2025-1538","sourceIdentifier":"cna@vuldb.com","published":"2025-02-21T15:15:12.630","lastModified":"2025-02-25T20:54:42.947","vulnStatus":"Analyzed","cveTags":[{"sourceIdentifier":"cna@vuldb.com","tags":["unsupported-when-assigned"]}],"descriptions":[{"lang":"en","value":"A vulnerability classified as critical was found in D-Link DAP-1320 1.00. Affected by this vulnerability is the function set_ws_action of the file /dws/api/. The manipulation leads to heap-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer."},{"lang":"es","value":"Se ha encontrado una vulnerabilidad clasificada como crítica en D-Link DAP-1320 1.00. Esta vulnerabilidad afecta a la función set_ws_action del archivo /dws/api/. La manipulación provoca un desbordamiento del búfer basado en el montón. El ataque se puede ejecutar de forma remota. El exploit se ha hecho público y puede utilizarse. Esta vulnerabilidad solo afecta a los productos que ya no reciben soporte del fabricante."}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-119"},{"lang":"en","value":"CWE-122"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dap-1320_firmware:1.0:*:*:*:*:*:*:*","matchCriteriaId":"DD16A696-CC8A-489B-9930-DC3457FEF2E8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dap-1320:-:*:*:*:*:*:*:*","matchCriteriaId":"87CC92EB-3439-4FD1-9439-8DFF5D8BCDB8"}]}]}],"references":[{"url":"https://legacy.us.dlink.com/pages/product.aspx?id=4b2bbe2e3f1d440ea65bc56c7e3dcc5c","source":"cna@vuldb.com","tags":["Product"]},{"url":"https://tasty-foxtrot-3a8.notion.site/D-link-DAP-1320-set_ws_action-Vulnerability-1950448e61958049be3cc606d434bc9d","source":"cna@vuldb.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://tasty-foxtrot-3a8.notion.site/D-link-DAP-1320-set_ws_action-Vulnerability-1950448e61958049be3cc606d434bc9d?pvs=74","source":"cna@vuldb.com","tags":["Exploit"]},{"url":"https://vuldb.com/?ctiid.296479","source":"cna@vuldb.com","tags":["Permissions Required"]},{"url":"https://vuldb.com/?id.296479","source":"cna@vuldb.com","tags":["Permissions Required"]},{"url":"https://vuldb.com/?submit.497301","source":"cna@vuldb.com","tags":["Third Party Advisory"]},{"url":"https://www.dlink.com/","source":"cna@vuldb.com","tags":["Product"]}]}}]}