CVE-2025-4343: D-Link DIR-600L formEasySetupWizard buffer overflow
First published: Tue May 06 2025(Updated: )
A vulnerability has been found in D-Link DIR-600L up to 2.07B01 and classified as critical. This vulnerability affects the function formEasySetupWizard. The manipulation of the argument host leads to buffer overflow. The attack can be initiated remotely. This vulnerability only affects products that are no longer supported by the maintainer.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| D-Link DIR-600L Firmware | <=2.07B01 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-4343?
CVE-2025-4343 is classified as a critical vulnerability.
What software is affected by CVE-2025-4343?
CVE-2025-4343 affects the D-Link DIR-600L firmware versions up to 2.07B01.
What is the nature of CVE-2025-4343?
CVE-2025-4343 involves a buffer overflow due to manipulation of the host argument in the function formEasySetupWizard.
Can CVE-2025-4343 be exploited remotely?
Yes, CVE-2025-4343 can be exploited remotely.
How do I fix CVE-2025-4343?
To fix CVE-2025-4343, update the D-Link DIR-600L firmware to the latest version beyond 2.07B01.
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/title
- agent/weakness
- agent/first-publish-date
- agent/description
- agent/type
- agent/guess-ai
- agent/software-canonical-lookup
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/severity
- agent/author
- agent/event
- collector/epss-latest
- source/FIRST
- agent/source
- agent/tags
- agent/epss
- vendor/d-link
- canonical/d-link dir-600l firmware