CVE-2025-2619: D-Link DAP-1620 Cookie storage check_dws_cookie stack-based overflow
First published: Sat Mar 22 2025(Updated: )
A vulnerability, which was classified as critical, was found in D-Link DAP-1620 1.03. This affects the function check_dws_cookie of the file /storage of the component Cookie Handler. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| D-Link DAP-1620 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-2619?
CVE-2025-2619 is classified as a critical vulnerability.
How does CVE-2025-2619 affect the D-Link DAP-1620?
CVE-2025-2619 affects the D-Link DAP-1620 by allowing a stack-based buffer overflow through the function check_dws_cookie.
Can CVE-2025-2619 be exploited remotely?
Yes, CVE-2025-2619 can be exploited remotely.
What component is vulnerable in CVE-2025-2619?
The vulnerable component in CVE-2025-2619 is the Cookie Handler found in the /storage directory.
What is the potential impact of exploiting CVE-2025-2619?
Exploiting CVE-2025-2619 could lead to significant security risks, including unauthorized access and system compromise.
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/title
- agent/source
- agent/weakness
- agent/references
- agent/description
- agent/first-publish-date
- agent/type
- agent/severity
- agent/event
- agent/tags
- agent/softwarecombine
- agent/guess-ai
- agent/software-canonical-lookup
- vendor/d-link
- canonical/d-link dap-1620