CVE-2025-6369

Published Jun 20, 2025

Last updated 22 days ago

CVSS high 7.4

Overview

Description
A vulnerability classified as critical has been found in D-Link DIR-619L 2.06B01. Affected is the function formdumpeasysetup of the file /goform/formdumpeasysetup. The manipulation of the argument curTime/config.save_network_enabled leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Source
cna@vuldb.com
NVD status
Analyzed
CNA Tags
unsupported-when-assigned

Risk scores

CVSS 4.0

Type
Secondary
Base score
7.4
Impact score
-
Exploitability score
-
Vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity
HIGH

CVSS 3.1

Type
Secondary
Base score
8.8
Impact score
5.9
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

CVSS 2.0

Type
Secondary
Base score
9
Impact score
10
Exploitability score
8
Vector string
AV:N/AC:L/Au:S/C:C/I:C/A:C

Weaknesses

cna@vuldb.com
CWE-119

Social media

Hype score
Not currently trending

  1. Actively exploited CVE : CVE-2025-6369

    @transilienceai

    22 Jun 2025

    21 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  2. [CVE-2025-6369: HIGH] Critical remote stack-based buffer overflow vulnerability discovered in D-Link DIR-619L 2.06B01. Exploit disclosed publicly, impacts unsupported products only.#cve,CVE-2025-6369,#cybersecurity https://t.co/VvqsDdkpjh https://t.co/ok5r5QHEuP

    @CveFindCom

    20 Jun 2025

    30 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

References

Sources include official advisories and independent security research.