CVE-2025-4345: D-Link DIR-600L formSetLog buffer overflow
First published: Tue May 06 2025(Updated: )
A vulnerability was found in D-Link DIR-600L up to 2.07B01 and classified as critical. This issue affects the function formSetLog. The manipulation of the argument host leads to buffer overflow. The attack may be initiated remotely. This vulnerability only affects products that are no longer supported by the maintainer.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| D-Link DIR-600L Firmware | <=2.07B01 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-4345?
CVE-2025-4345 is classified as a critical vulnerability.
How do I fix CVE-2025-4345?
To mitigate CVE-2025-4345, you should upgrade the D-Link DIR-600L firmware to a version later than 2.07B01.
What type of vulnerability is CVE-2025-4345?
CVE-2025-4345 is a buffer overflow vulnerability caused by improper handling of the host argument in the formSetLog function.
Can CVE-2025-4345 be exploited remotely?
Yes, CVE-2025-4345 can be exploited remotely, making it particularly dangerous.
Which devices are affected by CVE-2025-4345?
CVE-2025-4345 affects the D-Link DIR-600L routers running firmware version up to 2.07B01.
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/title
- agent/weakness
- agent/first-publish-date
- agent/description
- agent/type
- agent/guess-ai
- agent/software-canonical-lookup
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/severity
- agent/author
- agent/event
- collector/epss-latest
- source/FIRST
- agent/source
- agent/tags
- agent/epss
- vendor/d-link
- canonical/d-link dir-600l firmware