CVE-2025-6115
BaseFortify
Publication date: 2025-06-16
Last updated on: 2025-06-17
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dlink | dir-619l_firmware | 2.06b01 |
| dlink | dir-619l | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-6115 is a critical stack-based buffer overflow vulnerability in the D-Link DIR-619L router (version 2.06B01). It occurs in the function form_macfilter when handling the parameters mac_hostname_%d and sched_name_%d. Improper validation of these inputs allows an attacker to overflow the stack, potentially leading to remote code execution or crashing the device. The vulnerability can be exploited remotely without authentication, and a public proof-of-concept exploit is available. [1, 2]
How can this vulnerability impact me? :
This vulnerability can impact you by compromising the confidentiality, integrity, and availability of the affected router. An attacker can remotely exploit the stack-based buffer overflow to crash the device or execute arbitrary code, potentially gaining control over the router. This could lead to network disruption, unauthorized access, or further attacks on connected systems. Since no mitigations currently exist, the recommended action is to replace the affected product. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability can be performed by monitoring for unusual or malformed requests targeting the parameters mac_hostname_%d or sched_name_%d in the form_macfilter function of the D-Link DIR-619L router firmware 2.06B01. Since a public proof-of-concept exploit is available, network intrusion detection systems (NIDS) can be configured to look for exploit patterns related to stack-based buffer overflow attempts on these parameters. Specific commands are not provided in the resources, but using tools like Wireshark to capture HTTP requests or employing vulnerability scanners that check for this known exploit could help detect attempts. Additionally, checking the router's firmware version to confirm if it is 2.06B01 can help identify if the device is vulnerable. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
There are no known countermeasures or mitigations currently available for this vulnerability. The recommended immediate step is to replace the affected D-Link DIR-619L router running firmware version 2.06B01 with an alternative device that is not vulnerable. Since the product is no longer supported by the maintainer, firmware updates or patches are not expected. Additionally, restricting remote access to the device and isolating it from untrusted networks may reduce exposure until replacement is possible. [1]