Details of VAR-202506-1368

ID

VAR-202506-1368

CVE

CVE-2025-6616

TITLE

D-Link DIR-619L Stack Buffer Overflow Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2025-14220

DESCRIPTION

A vulnerability has been found in D-Link DIR-619L 2.06B01 and classified as critical. This vulnerability affects the function formSetWAN_Wizard51 of the file /goform/formSetWAN_Wizard51. The manipulation of the argument curTime leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. D-Link DIR-619L is a wireless router from D-Link, a Chinese company. An attacker can exploit this vulnerability to overflow the buffer, execute arbitrary code on the system, or cause the application to crash

Trust: 1.44

sources: NVD: CVE-2025-6616 // CNVD: CNVD-2025-14220

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2025-14220

AFFECTED PRODUCTS

vendor:

d link

model:

dir-619l 2.06b01

scope:

version:

Trust: 0.6

sources: CNVD: CNVD-2025-14220

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com:	CVE-2025-6616
value:	HIGH
Trust: 1.0
CNVD:	CNVD-2025-14220
value:	HIGH
Trust: 0.6

cna@vuldb.com:	CVE-2025-6616
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
CNVD:	CNVD-2025-14220
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

cna@vuldb.com:	CVE-2025-6616
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 1.0

sources: CNVD: CNVD-2025-14220 // NVD: CVE-2025-6616

PROBLEMTYPE DATA

problemtype:	CWE-121	Trust: 1.0
problemtype:	CWE-119	Trust: 1.0

sources: NVD: CVE-2025-6616

EXTERNAL IDS

db:	NVD	id:	CVE-2025-6616	Trust: 1.6
db:	VULDB	id:	313834	Trust: 1.0
db:	CNVD	id:	CNVD-2025-14220	Trust: 0.6

sources: CNVD: CNVD-2025-14220 // NVD: CVE-2025-6616

REFERENCES

url:	https://vuldb.com/?submit.602259	Trust: 1.0
url:	https://github.com/wudipjq/my_vuln/blob/main/d-link6/vuln_77/77.md	Trust: 1.0
url:	https://vuldb.com/?ctiid.313834	Trust: 1.0
url:	https://www.dlink.com/	Trust: 1.0
url:	https://vuldb.com/?id.313834	Trust: 1.0
url:	https://github.com/wudipjq/my_vuln/blob/main/d-link6/vuln_77/77.md#poc	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2025-6615	Trust: 0.6

sources: CNVD: CNVD-2025-14220 // NVD: CVE-2025-6616

SOURCES

db:	CNVD	id:	CNVD-2025-14220
db:	NVD	id:	CVE-2025-6616

LAST UPDATE DATE

2025-06-29T23:18:50.519000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2025-14220	date:	2025-06-27T00:00:00
db:	NVD	id:	CVE-2025-6616	date:	2025-06-26T18:57:43.670

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2025-14220	date:	2025-06-27T00:00:00
db:	NVD	id:	CVE-2025-6616	date:	2025-06-25T17:15:40.280