Skip to main content

Dir 619l Firmware CVE-2025-6114

| EUVDEUVD-2025-18370 HIGH
Buffer Overflow (CWE-119)
2025-06-16 cna@vuldb.com
8.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
EUVD ID Assigned
Mar 14, 2026 - 21:59 euvd
EUVD-2025-18370
Analysis Generated
Mar 14, 2026 - 21:59 vuln.today
PoC Detected
Jun 17, 2025 - 20:32 vuln.today
Public exploit code
CVE Published
Jun 16, 2025 - 09:15 nvd
HIGH 8.8

DescriptionCVE.org

A vulnerability has been found in D-Link DIR-619L 2.06B01 and classified as critical. Affected by this vulnerability is the function form_portforwarding of the file /goform/form_portforwarding. The manipulation of the argument ingress_name_%d/sched_name_%d/name_%d leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

AnalysisAI

Critical stack-based buffer overflow vulnerability in D-Link DIR-619L firmware version 2.06B01, affecting the port forwarding configuration function. An authenticated remote attacker can exploit this vulnerability by manipulating the ingress_name_%d, sched_name_%d, or name_%d parameters to achieve remote code execution with high integrity and confidentiality impact. The vulnerability has public exploit code available and affects only end-of-life products no longer receiving vendor support, significantly elevating real-world risk for exposed legacy deployments.

Technical ContextAI

The vulnerability exists in the /goform/form_portforwarding endpoint within D-Link DIR-619L wireless routers (CPE: cpe:2.3:o:d-link:dir-619l_firmware:2.06b01:*:*:*:*:*:*:*). The affected function form_portforwarding improperly handles user-supplied input for port forwarding configuration parameters without adequate bounds checking. This constitutes a CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) classic stack-based buffer overflow. The vulnerability allows attackers to write arbitrary data beyond allocated stack buffers, potentially overwriting return addresses and other critical stack structures. The web interface processing of form parameters creates the attack surface, with input validation failures enabling the overflow condition.

RemediationAI

Primary remediation option: Discontinue use of D-Link DIR-619L routers and replace with supported, current-generation networking equipment, as D-Link will not provide security patches for EOL products. Immediate mitigation strategies for organizations unable to immediately replace hardware: (1) Disable remote management access - restrict /goform/form_portforwarding web interface access to local network only via firewall rules; (2) Implement network segmentation - place affected routers on isolated management VLANs with restricted access; (3) Change default credentials immediately and enforce strong authentication if web interface must remain accessible; (4) Monitor network traffic for exploitation attempts targeting the /goform/form_portforwarding endpoint; (5) Deploy intrusion detection rules to identify malformed portforwarding parameters. No official vendor patches exist or will be released. Community-developed firmware replacements (OpenWrt, DD-WRT) may provide alternative solutions if available for this hardware revision, though validation and testing required. Hardware replacement remains the preferred remediation path.

CVE-2023-43869 CRITICAL POC
9.8 Sep 28

D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via formSetWAN_Wizard56 function. Rated critical severity (CVSS

CVE-2023-37791 CRITICAL POC
9.8 Jul 17

D-Link DIR-619L v2.04(TW) was discovered to contain a stack overflow via the curTime parameter at /goform/formLogin. Rat

CVE-2018-20056 CRITICAL POC
9.8 Dec 11

An issue was discovered in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 and DIR-605L Rev.B 2.12B1 devices. Rated critical se

CVE-2025-6115 HIGH POC
8.8 Jun 16

Critical stack-based buffer overflow vulnerability in D-Link DIR-619L version 2.06B01 affecting the form_macfilter funct

CVE-2025-6617 HIGH POC
8.8 Jun 25

CVE-2025-6617 is a critical stack-based buffer overflow vulnerability in D-Link DIR-619L firmware version 2.06B01 affect

CVE-2025-6616 HIGH POC
8.8 Jun 25

A stack-based buffer overflow vulnerability exists in D-Link DIR-619L firmware version 2.06B01, affecting the formSetWAN

CVE-2025-6615 HIGH POC
8.8 Jun 25

CVE-2025-6615 is a critical stack-based buffer overflow vulnerability in D-Link DIR-619L firmware version 2.06B01 affect

CVE-2025-6614 HIGH POC
8.8 Jun 25

CVE-2025-6614 is a critical stack-based buffer overflow vulnerability in D-Link DIR-619L firmware version 2.06B01 affect

CVE-2025-6374 HIGH POC
8.8 Jun 21

CVE-2025-6374 is a critical stack-based buffer overflow vulnerability in D-Link DIR-619L version 2.06B01, affecting the

CVE-2025-6370 HIGH POC
8.8 Jun 20

A buffer overflow vulnerability in A vulnerability classified as critical (CVSS 8.8). Risk factors: public PoC available

CVE-2025-6369 HIGH POC
8.8 Jun 20

CVE-2025-6369 is a critical stack-based buffer overflow vulnerability in D-Link DIR-619L v2.06B01 affecting the /goform/

CVE-2025-6368 HIGH POC
8.8 Jun 20

A critical stack-based buffer overflow vulnerability exists in D-Link DIR-619L firmware version 2.06B01, affecting the f

Share

CVE-2025-6114 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy