Sign-up

ID

VAR-202506-1122


CVE

CVE-2025-6373


TITLE

D-Link DIR-619L formWlSiteSurvey file buffer overflow vulnerability

Trust: 0.6

sources: CNVD: CNVD-2025-17357

DESCRIPTION

A vulnerability has been found in D-Link DIR-619L 2.06B01 and classified as critical. This vulnerability affects the function formSetWizard1 of the file /goform/formWlSiteSurvey. The manipulation of the argument curTime leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. The D-Link DIR-619L is a wireless router designed for home and small office environments. It utilizes the IEEE 802.11n wireless standard and offers a maximum transmission rate of 300Mbps. This vulnerability stems from a failure to properly validate the length of input data in the parameter curTime in the file /goform/formWlSiteSurvey. An attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service

Trust: 1.44

sources: NVD: CVE-2025-6373 // CNVD: CNVD-2025-17357

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-17357

AFFECTED PRODUCTS

vendor:dlinkmodel:dir-619lscope:eqversion:2.06b1

Trust: 1.0

vendor:d linkmodel:dir-619l 2.06b01scope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2025-17357 // NVD: CVE-2025-6373

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com: CVE-2025-6373
value: HIGH

Trust: 1.0

CNVD: CNVD-2025-17357
value: HIGH

Trust: 0.6

cna@vuldb.com: CVE-2025-6373
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

CNVD: CNVD-2025-17357
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

cna@vuldb.com: CVE-2025-6373
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: CNVD: CNVD-2025-17357 // NVD: CVE-2025-6373

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.0

problemtype:CWE-121

Trust: 1.0

sources: NVD: CVE-2025-6373

EXTERNAL IDS

db:NVDid:CVE-2025-6373

Trust: 1.6

db:VULDBid:313366

Trust: 1.0

db:CNVDid:CNVD-2025-17357

Trust: 0.6

sources: CNVD: CNVD-2025-17357 // NVD: CVE-2025-6373

REFERENCES

url:https://github.com/wudipjq/my_vuln/blob/main/d-link6/vuln_73/73.md

Trust: 1.6

url:https://www.dlink.com/

Trust: 1.0

url:https://vuldb.com/?submit.597427

Trust: 1.0

url:https://vuldb.com/?id.313366

Trust: 1.0

url:https://vuldb.com/?ctiid.313366

Trust: 1.0

sources: CNVD: CNVD-2025-17357 // NVD: CVE-2025-6373

SOURCES

db:CNVDid:CNVD-2025-17357
db:NVDid:CVE-2025-6373

LAST UPDATE DATE

2025-08-02T23:18:26.995000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2025-17357date:2025-08-01T00:00:00
db:NVDid:CVE-2025-6373date:2025-06-25T20:10:16.027

SOURCES RELEASE DATE

db:CNVDid:CNVD-2025-17357date:2025-08-01T00:00:00
db:NVDid:CVE-2025-6373date:2025-06-21T00:15:22.420