CVE-2025-4449: D-Link DIR-619L formEasySetupWizard3 buffer overflow
First published: Fri May 09 2025(Updated: )
A vulnerability, which was classified as critical, has been found in D-Link DIR-619L 2.04B04. This issue affects the function formEasySetupWizard3. The manipulation of the argument wan_connected leads to buffer overflow. The attack may be initiated remotely. The vendor was contacted early about this disclosure. This vulnerability only affects products that are no longer supported by the maintainer.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| D-Link DIR-619 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-4449?
The severity of CVE-2025-4449 is classified as critical.
What type of vulnerability is CVE-2025-4449?
CVE-2025-4449 is a buffer overflow vulnerability found in the D-Link DIR-619L.
Who is affected by CVE-2025-4449?
CVE-2025-4449 affects users of the D-Link DIR-619L running version 2.04B04.
How can CVE-2025-4449 be exploited?
CVE-2025-4449 can be exploited remotely by manipulating the wan_connected argument.
How do I fix CVE-2025-4449?
To fix CVE-2025-4449, update the D-Link DIR-619L firmware to the latest version provided by the vendor.
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/weakness
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/guess-ai
- agent/software-canonical-lookup
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/author
- agent/severity
- agent/event
- collector/epss-latest
- source/FIRST
- agent/source
- agent/tags
- agent/epss
- vendor/d-link
- canonical/d-link dir-619