CVE-2025-6371

CVE Database · CVE-2025-6371

CVE-2025-6371

· HIGHAnalyzed

CVSS v3.1

8.8

CVSS v4.0

7.4

EPSS

0.82%

Published

Jun 20, 2025

Modified

Jun 25, 2025

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A vulnerability, which was classified as critical, has been found in D-Link DIR-619L 2.06B01. Affected by this issue is the function formSetEnableWizard of the file /goform/formSetEnableWizard. The manipulation of the argument curTime leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-119CWE-121

Affected Products (2)

dlink · dir-619l_firmwarevulnerable

dlink · dir-619l

References (6)

https://github.com/wudipjq/my_vuln/blob/main/D-Link6/vuln_71/71.md

ExploitThird Party Advisory

https://vuldb.com/?ctiid.313364

Permissions RequiredThird Party AdvisoryVDB Entry