CVE-2025-4450

A vulnerability, which was classified as critical, was found in D-Link DIR-619L 2.04B04. Affected is the function formSetEasy_Wizard. The manipulation of the argument curTime leads to buffer overflow. It is possible to launch the attack remotely. The vendor was contacted early about this disclosure. This vulnerability only affects products that are no longer supported by the maintainer.

Published: May 9, 2025
Updated: May 14, 2025
CVE: CVE-2025-4450
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-119
CWE-120

Affected Software
References

Software	From	Fixed in
dlink / dir-619l_firmware	2.04b04	2.04b04.x

https://github.com/jylsec/vuldb/blob/main/D-Link/dlink_dir619l/Buffer_overflow-formSetEasy_Wizard-curTime/README.md
https://vuldb.com/?ctiid.308064
https://vuldb.com/?id.308064
https://vuldb.com/?submit.560792
https://www.dlink.com/

Vulnerability Database

CVE-2025-4450

Deep Security Visibility Without the Complexity