Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
4DescriptionCVE.org
A vulnerability was found in D-Link DIR-619L 2.06B01. It has been declared as critical. This vulnerability affects unknown code of the file /goform/formSetDomainFilter. The manipulation of the argument curTime/sched_name_%d/url_%d leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
AnalysisAI
CVE-2025-6367 is a critical stack-based buffer overflow vulnerability in D-Link DIR-619L firmware version 2.06B01, affecting the /goform/formSetDomainFilter endpoint. An authenticated remote attacker can exploit improper input validation on the curTime, sched_name_%d, and url_%d parameters to achieve arbitrary code execution with full system compromise (confidentiality, integrity, and availability). The vulnerability has public exploit disclosure and affects end-of-life hardware no longer receiving vendor support.
Technical ContextAI
The vulnerability exists in the web management interface of D-Link DIR-619L wireless routers (CPE: cpe:2.3:h:d-link:dir-619l:-). The affected code path is the /goform/formSetDomainFilter form handler, which processes domain filtering configuration. The root cause is a stack-based buffer overflow (CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer), indicating that user-supplied input to parameters like curTime, sched_name_%d, and url_%d is copied into fixed-size stack buffers without proper bounds checking. This is a classic memory safety issue common in embedded device firmware written in C/C++. The vulnerability requires authentication (PR:L) to trigger, suggesting it exists in an administrative interface but may be accessible to low-privilege authenticated users.
RemediationAI
- action: Replace or retire affected hardware; details: Since D-Link DIR-619L is end-of-life with no vendor patches available, the only reliable remediation is hardware replacement with a currently supported router model. Firmware downgrades are not a viable mitigation.
- action: Network isolation and access controls; details: If replacement is not immediately possible: (1) Restrict access to the web management interface (port 80/443) to trusted administrative networks only using firewall ACLs. (2) Disable remote management features entirely. (3) Change default credentials and use strong, unique passwords. (4) Isolate the device to a separate management VLAN with restricted egress.
- action: Monitor for exploitation attempts; details: Enable logging on upstream security devices to detect POST requests to /goform/formSetDomainFilter with unusual parameters (particularly long strings in curTime, sched_name_*, or url_* fields). These may indicate exploitation attempts.
- action: No vendor patches available; details: D-Link has not released patches for this vulnerability. Contact D-Link support for official guidance, but expect end-of-life product status confirmation.
More in Dir 619l Firmware
View allD-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via formSetWAN_Wizard56 function. Rated critical severity (CVSS
D-Link DIR-619L v2.04(TW) was discovered to contain a stack overflow via the curTime parameter at /goform/formLogin. Rat
An issue was discovered in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 and DIR-605L Rev.B 2.12B1 devices. Rated critical se
Critical stack-based buffer overflow vulnerability in D-Link DIR-619L version 2.06B01 affecting the form_macfilter funct
Critical stack-based buffer overflow vulnerability in D-Link DIR-619L firmware version 2.06B01, affecting the port forwa
CVE-2025-6617 is a critical stack-based buffer overflow vulnerability in D-Link DIR-619L firmware version 2.06B01 affect
A stack-based buffer overflow vulnerability exists in D-Link DIR-619L firmware version 2.06B01, affecting the formSetWAN
CVE-2025-6615 is a critical stack-based buffer overflow vulnerability in D-Link DIR-619L firmware version 2.06B01 affect
CVE-2025-6614 is a critical stack-based buffer overflow vulnerability in D-Link DIR-619L firmware version 2.06B01 affect
CVE-2025-6374 is a critical stack-based buffer overflow vulnerability in D-Link DIR-619L version 2.06B01, affecting the
A buffer overflow vulnerability in A vulnerability classified as critical (CVSS 8.8). Risk factors: public PoC available
CVE-2025-6369 is a critical stack-based buffer overflow vulnerability in D-Link DIR-619L v2.06B01 affecting the /goform/
Same weakness CWE-119 – Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-18788