CVE-2025-4442: D-Link DIR-605L formSetWAN_Wizard55 buffer overflow
First published: Thu May 08 2025(Updated: )
A vulnerability was found in D-Link DIR-605L 2.13B01. It has been declared as critical. This vulnerability affects the function formSetWAN_Wizard55. The manipulation of the argument curTime leads to buffer overflow. The attack can be initiated remotely. The vendor was contacted early about this disclosure. This vulnerability only affects products that are no longer supported by the maintainer.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| D-Link DIR-605L Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-4442?
CVE-2025-4442 is declared as critical due to the potential for remote exploitation.
What is the impact of CVE-2025-4442 on affected systems?
CVE-2025-4442 can lead to a buffer overflow, compromising the security of the D-Link DIR-605L router.
How can I fix CVE-2025-4442?
To mitigate CVE-2025-4442, update the firmware of the D-Link DIR-605L to the latest version provided by D-Link.
Who is affected by CVE-2025-4442?
CVE-2025-4442 affects users of the D-Link DIR-605L router running version 2.13B01.
Can CVE-2025-4442 be exploited remotely?
Yes, CVE-2025-4442 can be exploited remotely, allowing attackers to manipulate vulnerable functions.
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/weakness
- agent/description
- agent/title
- agent/type
- agent/first-publish-date
- agent/guess-ai
- agent/software-canonical-lookup
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/severity
- agent/author
- agent/last-modified-date
- agent/event
- collector/epss-latest
- source/FIRST
- agent/source
- agent/tags
- agent/epss
- vendor/d-link
- canonical/d-link dir-605l firmware