A vulnerability was found in D-Link DIR-600L up to 2.07B01. It has been rated as critical. Affected by this issue is the function formSetWanL2TP. The manipulation of the argument host leads to buffer overflow. The attack may be launched remotely. This vulnerability only affects products that are no longer supported by the maintainer.
References
Link | Resource |
---|---|
https://github.com/jylsec/vuldb/blob/main/D-Link/dlink_dir600l/Buffer_ovrflow-formSetWanL2TP-curTime/README.md | Third Party Advisory Broken Link |
https://vuldb.com/?ctiid.307466 | Permissions Required |
https://vuldb.com/?id.307466 | Third Party Advisory VDB Entry |
https://vuldb.com/?submit.558301 | Third Party Advisory VDB Entry |
https://www.dlink.com/ | Product |
Configurations
Configuration 1 (hide)
AND |
|
History
12 May 2025, 17:30
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:dlink:dir-600l_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dlink:dir-600l:-:*:*:*:*:*:*:* |
|
First Time |
Dlink dir-600l
Dlink dir-600l Firmware Dlink |
|
References | () https://github.com/jylsec/vuldb/blob/main/D-Link/dlink_dir600l/Buffer_ovrflow-formSetWanL2TP-curTime/README.md - Third Party Advisory, Broken Link | |
References | () https://vuldb.com/?ctiid.307466 - Permissions Required | |
References | () https://vuldb.com/?id.307466 - Third Party Advisory, VDB Entry | |
References | () https://vuldb.com/?submit.558301 - Third Party Advisory, VDB Entry | |
References | () https://www.dlink.com/ - Product |
07 May 2025, 14:13
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
06 May 2025, 11:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-05-06 11:15
Updated : 2025-05-12 17:30
NVD link : CVE-2025-4348
Mitre link : CVE-2025-4348
CVE.ORG link : CVE-2025-4348
JSON object : View
Products Affected
dlink
- dir-600l_firmware
- dir-600l