CVE-2025-4450

CWE-119Buffer OverflowCWE-120Classic Buffer OverflowCWE-4154 documents4 sources
Severity
8.7HIGH
EPSS
0.9%
top 23.91%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
D-link Dir-619lDlink Dir-619l Firmware
Timeline
PublishedMay 9

Description

A vulnerability, which was classified as critical, was found in D-Link DIR-619L 2.04B04. Affected is the function formSetEasy_Wizard. The manipulation of the argument curTime leads to buffer overflow. It is possible to launch the attack remotely. The vendor was contacted early about this disclosure. This vulnerability only affects products that are no longer supported by the maintainer.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

CVEListV5d-link/dir-619l2.04B04

🔴Vulnerability Details

2
GHSA
GHSA-m5vp-hqc5-ggg7: A vulnerability, which was classified as critical, was found in D-Link DIR-619L 22025-05-09
CVEList
D-Link DIR-619L formSetEasy_Wizard buffer overflow2025-05-09

📋Vendor Advisories

1
Microsoft
Double free after calling PEM_read_bio_ex2023-02-14
CVE-2025-4450 (HIGH CVSS 8.7) | A vulnerability | cvebase.io