CVE-2025-6374
BaseFortify
Publication date: 2025-06-21
Last updated on: 2025-06-25
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dlink | dir-619l_firmware | 2.06b1 |
| dlink | dir-619l | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-6374 is a critical stack-based buffer overflow vulnerability in the D-Link DIR-619L router firmware version 2.06B01. It occurs in the function formSetACLFilter at the endpoint /goform/formSetACLFilter, specifically involving the argument 'curTime'. An attacker can supply an excessively long or crafted value for 'curTime', causing a stack overflow. This overflow can crash the device or allow remote attackers to execute arbitrary code on the router without authentication. [1, 2]
How can this vulnerability impact me? :
This vulnerability impacts the confidentiality, integrity, and availability of the affected D-Link DIR-619L router. Exploitation can lead to remote code execution or denial of service, allowing attackers to take control of the device or disrupt its operation. Since the attack can be initiated remotely without authentication and exploits are publicly available, the risk of compromise is high. There are no known mitigations, so affected devices should be replaced to avoid exploitation. [2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves monitoring for requests to the endpoint /goform/formSetACLFilter with unusually long or malformed 'curTime' parameters that could trigger the stack-based buffer overflow. Network intrusion detection systems (NIDS) can be configured to alert on such suspicious HTTP requests targeting this endpoint. Additionally, inspecting router logs for crashes or abnormal behavior related to this function may indicate exploitation attempts. Specific commands are not provided in the resources, but using tools like curl or wget to send crafted requests to /goform/formSetACLFilter with long 'curTime' values can help test for vulnerability presence. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include replacing the affected D-Link DIR-619L router running firmware version 2.06B01 with a different device, as no known countermeasures or patches are available. Disabling remote access to the router's management interface or restricting access to trusted networks may reduce exposure. Monitoring for exploit attempts and isolating vulnerable devices from untrusted networks are also recommended until replacement can be performed. [2]