PT-2025-12345 · D Link · D-Link Dir-605L+1
Yhryhryhr_Backup
·
Publicado
2025-03-20
·
Atualizado
2025-03-20
·
CVE-2025-2553
CVSS v4.0
5.3
Média
| Vetor | AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
D-Link DIR-618 and DIR-605L versions 2.02/3.02
Description
A vulnerability was found in the processing of the file
/goform/formVirtualServ. This issue leads to improper access controls. The attack needs to be approached within the local network. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.Recommendations
For D-Link DIR-618 and DIR-605L versions 2.02/3.02, as a temporary workaround, consider restricting access to the
/goform/formVirtualServ file until a patch is available. However, since these products are no longer supported by the maintainer, there is no information about a newer version that contains a fix for this vulnerability.Exploit
Incorrect Privilege Assignment
Improper Access Control
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
D-Link Dir-605L
D-Link Dir-618