Skip to main content

Dir 619l Firmware EUVDEUVD-2025-19104

| CVE-2025-6615 HIGH
Buffer Overflow (CWE-119)
2025-06-25 cna@vuldb.com
8.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
EUVD ID Assigned
Mar 15, 2026 - 23:19 euvd
EUVD-2025-19104
Analysis Generated
Mar 15, 2026 - 23:19 vuln.today
PoC Detected
Jul 14, 2025 - 17:18 vuln.today
Public exploit code
CVE Published
Jun 25, 2025 - 16:15 nvd
HIGH 8.8

DescriptionCVE.org

A vulnerability, which was classified as critical, was found in D-Link DIR-619L 2.06B01. This affects the function formAutoDetecWAN_wizard4 of the file /goform/formAutoDetecWAN_wizard4. The manipulation of the argument curTime leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

AnalysisAI

CVE-2025-6615 is a critical stack-based buffer overflow vulnerability in D-Link DIR-619L firmware version 2.06B01 affecting the formAutoDetecWAN_wizard4 function. An authenticated remote attacker can exploit improper handling of the 'curTime' parameter to achieve arbitrary code execution with full system compromise (confidentiality, integrity, and availability). The vulnerability has public exploit disclosure and affects only end-of-life products no longer receiving vendor support.

Technical ContextAI

The vulnerability exists in the web management interface of D-Link DIR-619L routers, specifically in the /goform/formAutoDetecWAN_wizard4 endpoint. The root cause is classified as CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), indicating unsafe string handling without bounds checking on the 'curTime' parameter. This parameter is processed by the formAutoDetecWAN_wizard4 function without validating input length, allowing an attacker to write beyond allocated stack memory. The affected product is a consumer-grade wireless router from D-Link's legacy product line (DIR-619L series), identified by CPE pattern: cpe:2.3:o:d-link:dir-619l_firmware:2.06b01:*:*:*:*:*:*:*. The vulnerability leverages HTTP POST requests to the management interface, suggesting the web server processes user input directly into fixed-size stack buffers.

RemediationAI

(1) Primary: Discontinue use of DIR-619L routers and replace with current-generation, actively-supported D-Link or third-party router firmware. (2) If replacement not feasible: Implement network-level mitigations: restrict HTTP/HTTPS access to the router management interface to trusted static IPs only; disable remote management; deploy the router behind a VPN or DMZ with strict firewall rules; isolate the router to a dedicated, non-production network segment. (3) Workaround: Change default administrative credentials to strong, unique passwords; disable UPnP; disable WPS; enable access control lists (ACLs) to restrict admin interface access. (4) Monitoring: Inspect router logs for POST requests to /goform/formAutoDetecWAN_wizard4 endpoint; monitor for unexpected firmware modifications or system behavior. (5) No patch available: Vendor will not release patches for end-of-life hardware. Third-party OpenWrt or DD-WRT firmware may provide alternative, maintained OS but compatibility with DIR-619L should be verified before deployment.

CVE-2023-43869 CRITICAL POC
9.8 Sep 28

D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via formSetWAN_Wizard56 function. Rated critical severity (CVSS

CVE-2023-37791 CRITICAL POC
9.8 Jul 17

D-Link DIR-619L v2.04(TW) was discovered to contain a stack overflow via the curTime parameter at /goform/formLogin. Rat

CVE-2018-20056 CRITICAL POC
9.8 Dec 11

An issue was discovered in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 and DIR-605L Rev.B 2.12B1 devices. Rated critical se

CVE-2025-6115 HIGH POC
8.8 Jun 16

Critical stack-based buffer overflow vulnerability in D-Link DIR-619L version 2.06B01 affecting the form_macfilter funct

CVE-2025-6114 HIGH POC
8.8 Jun 16

Critical stack-based buffer overflow vulnerability in D-Link DIR-619L firmware version 2.06B01, affecting the port forwa

CVE-2025-6617 HIGH POC
8.8 Jun 25

CVE-2025-6617 is a critical stack-based buffer overflow vulnerability in D-Link DIR-619L firmware version 2.06B01 affect

CVE-2025-6616 HIGH POC
8.8 Jun 25

A stack-based buffer overflow vulnerability exists in D-Link DIR-619L firmware version 2.06B01, affecting the formSetWAN

CVE-2025-6614 HIGH POC
8.8 Jun 25

CVE-2025-6614 is a critical stack-based buffer overflow vulnerability in D-Link DIR-619L firmware version 2.06B01 affect

CVE-2025-6374 HIGH POC
8.8 Jun 21

CVE-2025-6374 is a critical stack-based buffer overflow vulnerability in D-Link DIR-619L version 2.06B01, affecting the

CVE-2025-6370 HIGH POC
8.8 Jun 20

A buffer overflow vulnerability in A vulnerability classified as critical (CVSS 8.8). Risk factors: public PoC available

CVE-2025-6369 HIGH POC
8.8 Jun 20

CVE-2025-6369 is a critical stack-based buffer overflow vulnerability in D-Link DIR-619L v2.06B01 affecting the /goform/

CVE-2025-6368 HIGH POC
8.8 Jun 20

A critical stack-based buffer overflow vulnerability exists in D-Link DIR-619L firmware version 2.06B01, affecting the f

Share

EUVD-2025-19104 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy