CVE-2025-6114

Name of the Vulnerable Software and Affected Versions D-Link DIR-619L version 2.06B01

Description A critical vulnerability has been found in the function form portforwarding of the file /goform/form portforwarding. The manipulation of the argument ingress name %d/sched name %d/name %d leads to a stack-based buffer overflow. This issue can be exploited remotely. The vulnerability only affects products that are no longer supported by the manufacturer.

Recommendations As a temporary workaround, consider disabling the form portforwarding function until a patch is available. Restrict access to the /goform/form portforwarding file to minimize the risk of exploitation. Avoid using the argument ingress name %d/sched name %d/name %d in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.