PT-2025-20449 · D Link · D-Link Dir-619L

Jylsec

Publicado

2025-05-08

Atualizado

2025-05-14

CVE-2025-4449

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions D-Link DIR-619L version 2.04B04

Description A critical issue has been found in the function formEasySetupWizard3, where the manipulation of the argument wan connected leads to a buffer overflow. This issue can be exploited remotely. The vendor was contacted about this disclosure. It's noted that this vulnerability only affects products that are no longer supported by the maintainer.

Recommendations For D-Link DIR-619L version 2.04B04, as a temporary workaround, consider disabling the formEasySetupWizard3 function until a patch is available. However, since the product is no longer supported, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119CWE-120

Identificadores relacionados

BDU:2025-05495

CVE-2025-4449

Produtos afetados

D-Link Dir-619L

PT-2025-20449 · D Link · D-Link Dir-619L

CVE-2025-4449

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 17