A vulnerability, which was classified as critical, was found in D-Link DIR-600L up to 2.07B01. This affects the function formLogin. The manipulation of the argument host leads to buffer overflow. It is possible to initiate the attack remotely. This vulnerability only affects products that are no longer supported by the maintainer.
References
Link | Resource |
---|---|
https://github.com/jylsec/vuldb/blob/main/D-Link/dlink_dir600l/Buffer_overflow-formLogin-curTime/README.md | Third Party Advisory Broken Link |
https://vuldb.com/?ctiid.307461 | Permissions Required |
https://vuldb.com/?id.307461 | Third Party Advisory VDB Entry |
https://vuldb.com/?submit.558297 | Third Party Advisory VDB Entry |
https://www.dlink.com/ | Product |
Configurations
Configuration 1 (hide)
AND |
|
History
12 May 2025, 17:28
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/jylsec/vuldb/blob/main/D-Link/dlink_dir600l/Buffer_overflow-formLogin-curTime/README.md - Third Party Advisory, Broken Link | |
References | () https://vuldb.com/?ctiid.307461 - Permissions Required | |
References | () https://vuldb.com/?id.307461 - Third Party Advisory, VDB Entry | |
References | () https://vuldb.com/?submit.558297 - Third Party Advisory, VDB Entry | |
References | () https://www.dlink.com/ - Product | |
CPE | cpe:2.3:o:dlink:dir-600l_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dlink:dir-600l:-:*:*:*:*:*:*:* |
|
First Time |
Dlink dir-600l
Dlink dir-600l Firmware Dlink |
07 May 2025, 14:13
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
06 May 2025, 10:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-05-06 10:15
Updated : 2025-05-12 17:28
NVD link : CVE-2025-4344
Mitre link : CVE-2025-4344
CVE.ORG link : CVE-2025-4344
JSON object : View
Products Affected
dlink
- dir-600l_firmware
- dir-600l