Actively Exploited in the Wild

This vulnerability is being actively exploited in the wild.

Primary

Context

D-Link DIR-619L Stack-Based Buffer Overflow Vulnerability

Vulnerability

Exploited

A critical stack-based buffer overflow vulnerability has been identified in the D-Link DIR-619L router, specifically in version 2.06B01. The issue arises in the 'formSetACLFilter' function within the file '/goform/formSetACLFilter', where the 'curTime' argument can be manipulated, leading to arbitrary code execution. This vulnerability can be exploited remotely and affects a product that is no longer supported by the manufacturer.

Impact

Exploitation of this vulnerability allows for a stack-based buffer overflow, which could be used to execute arbitrary code on the affected device.

Reproduction

To reproduce this vulnerability, send a crafted request to the '/goform/formSetACLFilter' endpoint, manipulating the 'curTime' argument with an excessively long input. This will trigger the stack-based buffer overflow condition.

Added: Jun 21, 2025, 1:56 AM

Updated: Jun 21, 2025, 1:56 AM

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

7.5

exploitability

6.6

remediation

0.0

relevance

0.2

threat

8.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

7.5

exploitability

6.6

remediation

0.0

relevance

0.2

threat

8.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Actively Exploited in the Wild

D-Link DIR-619L Stack-Based Buffer Overflow Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

D-Link DIR-619L

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating