CVE-2025-4451

CWE-119Buffer OverflowCWE-120Classic Buffer OverflowCWE-670CWE-703CWE-8217 documents7 sources
Severity
8.7HIGH
EPSS
0.9%
top 23.92%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
D-link Dir-619lDlink Dir-619l Firmware
Timeline
PublishedMay 9

Description

A vulnerability has been found in D-Link DIR-619L 2.04B04 and classified as critical. Affected by this vulnerability is the function formSetWAN_Wizard52. The manipulation of the argument curTime leads to buffer overflow. The attack can be launched remotely. The vendor was contacted early about this disclosure. This vulnerability only affects products that are no longer supported by the maintainer.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

CVEListV5d-link/dir-619l2.04B04

🔴Vulnerability Details

3
GHSA
GHSA-qxp8-q6wp-7mq2: A vulnerability has been found in D-Link DIR-619L 22025-05-09
CVEList
D-Link DIR-619L formSetWAN_Wizard52 buffer overflow2025-05-09
GHSA
Vyper Does Not Check the Success of Certain Precompile Calls2025-01-14

💬Community

1
Bugzilla
CVE-2020-9850 webkitgtk: Logic issue may lead to arbitrary code execution2020-09-16
CVE-2025-4451 (HIGH CVSS 8.7) | A vulnerability has been found in D | cvebase.io