CVE-2025-4343

Name of the Vulnerable Software and Affected Versions D-Link DIR-600L versions 2.07B01 and earlier

Description A critical issue has been identified that affects the formEasySetupWizard function. The manipulation of the host argument leads to a buffer overflow. This issue can be exploited remotely. It is noted that this issue only affects products that are no longer supported by the manufacturer.

Recommendations For D-Link DIR-600L versions 2.07B01 and earlier, as a temporary workaround, consider disabling the formEasySetupWizard function until a patch is available. Restrict access to the vulnerable function to minimize the risk of exploitation. Avoid using the host argument in the affected setup wizard until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.