A vulnerability was found in D-Link DIR-600L up to 2.07B01. It has been rated as critical. Affected by this issue is the function formSetWanL2TP. The manipulation of the argument host leads to buffer overflow. The attack may be launched remotely. This vulnerability only affects products that are no longer supported by the maintainer.
References
Link | Resource |
---|---|
https://github.com/jylsec/vuldb/blob/main/D-Link/dlink_dir600l/Buffer_ovrflow-formSetWanL2TP-curTime/README.md | Third Party Advisory Broken Link |
https://vuldb.com/?ctiid.307466 | Permissions Required |
https://vuldb.com/?id.307466 | Third Party Advisory VDB Entry |
https://vuldb.com/?submit.558301 | Third Party Advisory VDB Entry |
https://www.dlink.com/ | Product |
Configurations
Configuration 1 (hide)
AND |
|
History
12 May 2025, 17:30
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/jylsec/vuldb/blob/main/D-Link/dlink_dir600l/Buffer_ovrflow-formSetWanL2TP-curTime/README.md - Third Party Advisory, Broken Link | |
References | () https://vuldb.com/?ctiid.307466 - Permissions Required | |
References | () https://vuldb.com/?id.307466 - Third Party Advisory, VDB Entry | |
References | () https://vuldb.com/?submit.558301 - Third Party Advisory, VDB Entry | |
References | () https://www.dlink.com/ - Product | |
CPE | cpe:2.3:o:dlink:dir-600l_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dlink:dir-600l:-:*:*:*:*:*:*:* |
|
First Time |
Dlink dir-600l
Dlink dir-600l Firmware Dlink |
07 May 2025, 14:13
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
06 May 2025, 11:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-05-06 11:15
Updated : 2025-05-12 17:30
NVD link : CVE-2025-4348
Mitre link : CVE-2025-4348
CVE.ORG link : CVE-2025-4348
JSON object : View
Products Affected
dlink
- dir-600l_firmware
- dir-600l