CVE-2025-6615

CWE-119Buffer OverflowCWE-121Stack-based Buffer OverflowCWE-787Out-of-bounds Write4 documents4 sources
Severity
7.4HIGH
EPSS
0.3%
top 47.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
D-link Dir-619lDlink Dir-619l Firmware
Timeline
PublishedJun 25
Latest updateJun 26

Description

A vulnerability, which was classified as critical, was found in D-Link DIR-619L 2.06B01. This affects the function formAutoDetecWAN_wizard4 of the file /goform/formAutoDetecWAN_wizard4. The manipulation of the argument curTime leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

CVEListV5d-link/dir-619l2.06B01

🔴Vulnerability Details

2
GHSA
GHSA-wjwh-qfxf-rmcq: A vulnerability, which was classified as critical, was found in D-Link DIR-619L 22025-06-26
CVEList
D-Link DIR-619L formAutoDetecWAN_wizard4 stack-based overflow2025-06-25

📋Vendor Advisories

1
Microsoft
Memory safety bugs present in Firefox 127 and Thunderbird 127. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to2024-07-09
CVE-2025-6615 (HIGH CVSS 7.4) | A vulnerability | cvebase.io