Sign-up

ID

VAR-202506-1093


CVE

CVE-2025-6371


TITLE

D-Link Systems, Inc.  of  DIR-619L  Buffer error vulnerability in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2025-008003

DESCRIPTION

A vulnerability, which was classified as critical, has been found in D-Link DIR-619L 2.06B01. Affected by this issue is the function formSetEnableWizard of the file /goform/formSetEnableWizard. The manipulation of the argument curTime leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. D-Link Systems, Inc. of DIR-619L The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DIR-619L is a wireless router designed for home and small office environments. It adopts the IEEE 802.11n wireless standard and has a maximum transmission rate of 300Mbps. D-Link DIR-619L /goform/formSetEnableWizard has a stack overflow vulnerability. Remote attackers can use this vulnerability to submit special requests, which can cause the application to crash or execute arbitrary code in the application context

Trust: 2.16

sources: NVD: CVE-2025-6371 // JVNDB: JVNDB-2025-008003 // CNVD: CNVD-2025-13335

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-13335

AFFECTED PRODUCTS

vendor:dlinkmodel:dir-619lscope:eqversion:2.06b1

Trust: 1.0

vendor:d linkmodel:dir-619lscope:eqversion:dir-619l firmware 2.06b1

Trust: 0.8

vendor:d linkmodel:dir-619lscope:eqversion: -

Trust: 0.8

vendor:d linkmodel:dir-619lscope: - version: -

Trust: 0.8

vendor:d linkmodel:dir-619l 2.06b01scope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2025-13335 // JVNDB: JVNDB-2025-008003 // NVD: CVE-2025-6371

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com: CVE-2025-6371
value: HIGH

Trust: 1.0

OTHER: JVNDB-2025-008003
value: HIGH

Trust: 0.8

CNVD: CNVD-2025-13335
value: HIGH

Trust: 0.6

cna@vuldb.com: CVE-2025-6371
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

OTHER: JVNDB-2025-008003
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2025-13335
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

cna@vuldb.com: CVE-2025-6371
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

OTHER: JVNDB-2025-008003
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2025-13335 // JVNDB: JVNDB-2025-008003 // NVD: CVE-2025-6371

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.0

problemtype:CWE-121

Trust: 1.0

problemtype:Buffer error (CWE-119) [ others ]

Trust: 0.8

problemtype: Stack-based buffer overflow (CWE-121) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2025-008003 // NVD: CVE-2025-6371

EXTERNAL IDS

db:NVDid:CVE-2025-6371

Trust: 3.2

db:VULDBid:313364

Trust: 1.8

db:JVNDBid:JVNDB-2025-008003

Trust: 0.8

db:CNVDid:CNVD-2025-13335

Trust: 0.6

sources: CNVD: CNVD-2025-13335 // JVNDB: JVNDB-2025-008003 // NVD: CVE-2025-6371

REFERENCES

url:https://github.com/wudipjq/my_vuln/blob/main/d-link6/vuln_71/71.md

Trust: 2.4

url:https://vuldb.com/?id.313364

Trust: 1.8

url:https://vuldb.com/?submit.597424

Trust: 1.8

url:https://www.dlink.com/

Trust: 1.8

url:https://vuldb.com/?ctiid.313364

Trust: 1.0

url:https://nvd.nist.gov/vuln/detail/cve-2025-6371

Trust: 0.8

sources: CNVD: CNVD-2025-13335 // JVNDB: JVNDB-2025-008003 // NVD: CVE-2025-6371

SOURCES

db:CNVDid:CNVD-2025-13335
db:JVNDBid:JVNDB-2025-008003
db:NVDid:CVE-2025-6371

LAST UPDATE DATE

2025-07-05T23:20:22.645000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2025-13335date:2025-06-24T00:00:00
db:JVNDBid:JVNDB-2025-008003date:2025-07-04T07:52:00
db:NVDid:CVE-2025-6371date:2025-06-25T20:09:48.163

SOURCES RELEASE DATE

db:CNVDid:CNVD-2025-13335date:2025-06-24T00:00:00
db:JVNDBid:JVNDB-2025-008003date:2025-07-04T00:00:00
db:NVDid:CVE-2025-6371date:2025-06-20T23:15:19.050