Details of VAR-202506-1323

ID

VAR-202506-1323

CVE

CVE-2025-6614

TITLE

D-Link DIR-619L Stack Buffer Overflow Vulnerability (CNVD-2025-14221)

Trust: 0.6

sources: CNVD: CNVD-2025-14221

DESCRIPTION

A vulnerability, which was classified as critical, has been found in D-Link DIR-619L 2.06B01. Affected by this issue is the function formSetWANType_Wizard5 of the file /goform/formSetWANType_Wizard5. The manipulation of the argument curTime leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. D-Link DIR-619L is a wireless router from D-Link, a Chinese company. D-Link DIR-619L has a stack buffer overflow vulnerability, which is caused by incorrect bounds checking in the function formSetWANType_Wizard5 of the file /goform/formSetWANType_Wizard5. An attacker can exploit this vulnerability to cause a buffer overflow, execute arbitrary code on the system, or cause the application to crash

Trust: 1.44

sources: NVD: CVE-2025-6614 // CNVD: CNVD-2025-14221

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2025-14221

AFFECTED PRODUCTS

vendor:

d link

model:

dir-619l 2.06b01

scope:

version:

Trust: 0.6

sources: CNVD: CNVD-2025-14221

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com:	CVE-2025-6614
value:	HIGH
Trust: 1.0
CNVD:	CNVD-2025-14221
value:	HIGH
Trust: 0.6

cna@vuldb.com:	CVE-2025-6614
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
CNVD:	CNVD-2025-14221
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

cna@vuldb.com:	CVE-2025-6614
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 1.0

sources: CNVD: CNVD-2025-14221 // NVD: CVE-2025-6614

PROBLEMTYPE DATA

problemtype:	CWE-121	Trust: 1.0
problemtype:	CWE-119	Trust: 1.0

sources: NVD: CVE-2025-6614

EXTERNAL IDS

db:	NVD	id:	CVE-2025-6614	Trust: 1.6
db:	VULDB	id:	313832	Trust: 1.0
db:	CNVD	id:	CNVD-2025-14221	Trust: 0.6

sources: CNVD: CNVD-2025-14221 // NVD: CVE-2025-6614

REFERENCES

url:	https://github.com/wudipjq/my_vuln/blob/main/d-link6/vuln_75/75.md#poc	Trust: 1.0
url:	https://vuldb.com/?ctiid.313832	Trust: 1.0
url:	https://vuldb.com/?submit.602257	Trust: 1.0
url:	https://vuldb.com/?id.313832	Trust: 1.0
url:	https://www.dlink.com/	Trust: 1.0
url:	https://github.com/wudipjq/my_vuln/blob/main/d-link6/vuln_75/75.md	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2025-6614	Trust: 0.6

sources: CNVD: CNVD-2025-14221 // NVD: CVE-2025-6614

SOURCES

db:	CNVD	id:	CNVD-2025-14221
db:	NVD	id:	CVE-2025-6614

LAST UPDATE DATE

2025-06-29T23:06:38.126000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2025-14221	date:	2025-06-27T00:00:00
db:	NVD	id:	CVE-2025-6614	date:	2025-06-26T18:57:43.670

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2025-14221	date:	2025-06-27T00:00:00
db:	NVD	id:	CVE-2025-6614	date:	2025-06-25T16:15:27.593