CVE-2025-8978

A vulnerability was determined in D-Link DIR-619L 6.02CN02. Affected is the function FirmwareUpgrade of the component boa. The manipulation leads to insufficient verification of data authenticity. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Published: Aug 14, 2025
Updated: Aug 15, 2025
CVE: CVE-2025-8978
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

No affected software listed.

https://github.com/IOTRes/IOT_Firmware_Update/blob/main/Dlink/DIR619L.md
https://vuldb.com/?ctiid.319974
https://vuldb.com/?id.319974
https://vuldb.com/?submit.628599
https://www.dlink.com/

Vulnerability Database

CVE-2025-8978

Deep Security Visibility Without the Complexity