CVE-2025-4450: D-Link DIR-619L formSetEasy_Wizard buffer overflow
First published: Fri May 09 2025(Updated: )
A vulnerability, which was classified as critical, was found in D-Link DIR-619L 2.04B04. Affected is the function formSetEasy_Wizard. The manipulation of the argument curTime leads to buffer overflow. It is possible to launch the attack remotely. The vendor was contacted early about this disclosure. This vulnerability only affects products that are no longer supported by the maintainer.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| D-Link DIR-619 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-4450?
CVE-2025-4450 is classified as a critical vulnerability.
How does CVE-2025-4450 affect D-Link DIR-619L devices?
CVE-2025-4450 affects the D-Link DIR-619L by allowing a remote buffer overflow through the formSetEasy_Wizard function.
Can CVE-2025-4450 be exploited remotely?
Yes, CVE-2025-4450 can be exploited remotely due to its buffer overflow nature.
What should I do to protect my D-Link DIR-619L from CVE-2025-4450?
To protect your D-Link DIR-619L from CVE-2025-4450, ensure you update to the latest firmware provided by D-Link.
Is there a patch available for CVE-2025-4450?
Yes, the vendor D-Link is expected to release a patch for CVE-2025-4450 to mitigate the vulnerability.
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/references
- agent/weakness
- agent/first-publish-date
- agent/description
- agent/type
- agent/guess-ai
- agent/software-canonical-lookup
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/author
- agent/severity
- agent/event
- collector/epss-latest
- source/FIRST
- agent/tags
- agent/epss
- agent/source
- vendor/d-link
- canonical/d-link dir-619