Sign-up

ID

VAR-202506-1094


CVE

CVE-2025-6369


TITLE

D-Link DIR-619L formdumpeasysetup stack overflow vulnerability

Trust: 0.6

sources: CNVD: CNVD-2025-13337

DESCRIPTION

A vulnerability classified as critical has been found in D-Link DIR-619L 2.06B01. Affected is the function formdumpeasysetup of the file /goform/formdumpeasysetup. The manipulation of the argument curTime/config.save_network_enabled leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. D-Link DIR-619L is a wireless router designed for home and small office environments. It adopts the IEEE 802.11n wireless standard and has a maximum transmission rate of 300Mbps. D-Link DIR-619L /goform/formdumpeasysetup has a stack overflow vulnerability. The vulnerability is caused by improper memory buffer operation restrictions. Remote attackers can use this vulnerability to submit special requests, which can cause the application to crash or execute arbitrary code in the application context

Trust: 1.44

sources: NVD: CVE-2025-6369 // CNVD: CNVD-2025-13337

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-13337

AFFECTED PRODUCTS

vendor:dlinkmodel:dir-619lscope:eqversion:2.06b1

Trust: 1.0

vendor:d linkmodel:dir-619l 2.06b01scope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2025-13337 // NVD: CVE-2025-6369

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com: CVE-2025-6369
value: HIGH

Trust: 1.0

CNVD: CNVD-2025-13337
value: HIGH

Trust: 0.6

cna@vuldb.com: CVE-2025-6369
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

CNVD: CNVD-2025-13337
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

cna@vuldb.com: CVE-2025-6369
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: CNVD: CNVD-2025-13337 // NVD: CVE-2025-6369

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.0

problemtype:CWE-121

Trust: 1.0

sources: NVD: CVE-2025-6369

EXTERNAL IDS

db:NVDid:CVE-2025-6369

Trust: 1.6

db:VULDBid:313362

Trust: 1.0

db:CNVDid:CNVD-2025-13337

Trust: 0.6

sources: CNVD: CNVD-2025-13337 // NVD: CVE-2025-6369

REFERENCES

url:https://github.com/wudipjq/my_vuln/blob/main/d-link6/vuln_69/69.md

Trust: 1.6

url:https://vuldb.com/?ctiid.313362

Trust: 1.0

url:https://www.dlink.com/

Trust: 1.0

url:https://vuldb.com/?id.313362

Trust: 1.0

url:https://vuldb.com/?submit.597422

Trust: 1.0

sources: CNVD: CNVD-2025-13337 // NVD: CVE-2025-6369

SOURCES

db:CNVDid:CNVD-2025-13337
db:NVDid:CVE-2025-6369

LAST UPDATE DATE

2025-06-26T23:20:45.661000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2025-13337date:2025-06-24T00:00:00
db:NVDid:CVE-2025-6369date:2025-06-25T20:09:28.010

SOURCES RELEASE DATE

db:CNVDid:CNVD-2025-13337date:2025-06-24T00:00:00
db:NVDid:CVE-2025-6369date:2025-06-20T22:15:19.613