CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-4453 – D-Link DIR-619L formSysCmd command injection
https://notcve.org/view.php?id=CVE-2025-4453
09 May 2025 — A vulnerability was found in D-Link DIR-619L 2.04B04. It has been classified as critical. This affects the function formSysCmd. The manipulation of the argument sysCmd leads to command injection. It is possible to initiate the attack remotely. • https://github.com/jylsec/vuldb/blob/main/D-Link/dlink_dir619l/Command_injection-formSysCmd-sysCmd/README.md • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-4452 – D-Link DIR-619L formSetWizard2 buffer overflow
https://notcve.org/view.php?id=CVE-2025-4452
09 May 2025 — A vulnerability was found in D-Link DIR-619L 2.04B04 and classified as critical. Affected by this issue is the function formSetWizard2. The manipulation of the argument curTime leads to buffer overflow. The attack may be launched remotely. The vendor was contacted early about this disclosure. • https://github.com/jylsec/vuldb/blob/main/D-Link/dlink_dir619l/Buffer_overflow-formSetWizard2-curTime/README.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-4451 – D-Link DIR-619L formSetWAN_Wizard52 buffer overflow
https://notcve.org/view.php?id=CVE-2025-4451
09 May 2025 — A vulnerability has been found in D-Link DIR-619L 2.04B04 and classified as critical. Affected by this vulnerability is the function formSetWAN_Wizard52. The manipulation of the argument curTime leads to buffer overflow. The attack can be launched remotely. The vendor was contacted early about this disclosure. • https://github.com/jylsec/vuldb/blob/main/D-Link/dlink_dir619l/Buffer_overflow-formSetWAN_Wizard52-curTime/README.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-4450 – D-Link DIR-619L formSetEasy_Wizard buffer overflow
https://notcve.org/view.php?id=CVE-2025-4450
09 May 2025 — A vulnerability, which was classified as critical, was found in D-Link DIR-619L 2.04B04. Affected is the function formSetEasy_Wizard. The manipulation of the argument curTime leads to buffer overflow. It is possible to launch the attack remotely. The vendor was contacted early about this disclosure. • https://github.com/jylsec/vuldb/blob/main/D-Link/dlink_dir619l/Buffer_overflow-formSetEasy_Wizard-curTime/README.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-4449 – D-Link DIR-619L formEasySetupWizard3 buffer overflow
https://notcve.org/view.php?id=CVE-2025-4449
09 May 2025 — A vulnerability, which was classified as critical, has been found in D-Link DIR-619L 2.04B04. This issue affects the function formEasySetupWizard3. The manipulation of the argument wan_connected leads to buffer overflow. The attack may be initiated remotely. The vendor was contacted early about this disclosure. • https://github.com/jylsec/vuldb/blob/main/D-Link/dlink_dir619l/Buffer_overflow-formEasySetupWizard3-wan_connected/README.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-4448 – D-Link DIR-619L formEasySetupWizard buffer overflow
https://notcve.org/view.php?id=CVE-2025-4448
09 May 2025 — A vulnerability classified as critical was found in D-Link DIR-619L 2.04B04. This vulnerability affects the function formEasySetupWizard. The manipulation of the argument curTime leads to buffer overflow. The attack can be initiated remotely. The vendor was contacted early about this disclosure. • https://github.com/jylsec/vuldb/blob/main/D-Link/dlink_dir619l/Buffer_overflow-formEasySetupWizard-curTime/README.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-4445 – D-Link DIR-605L wake_on_lan command injection
https://notcve.org/view.php?id=CVE-2025-4445
09 May 2025 — A vulnerability classified as critical has been found in D-Link DIR-605L 2.13B01. Affected is the function wake_on_lan. The manipulation of the argument mac leads to command injection. It is possible to launch the attack remotely. The vendor was contacted early about this disclosure. • https://github.com/jylsec/vuldb/blob/main/D-Link/dlink_dir605l/Command_injection-wake_on_lan-mac/README.md • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-4443 – D-Link DIR-605L sub_454F2C command injection
https://notcve.org/view.php?id=CVE-2025-4443
08 May 2025 — A vulnerability was found in D-Link DIR-605L 2.13B01. It has been rated as critical. This issue affects the function sub_454F2C. The manipulation of the argument sysCmd leads to command injection. The attack may be initiated remotely. • https://github.com/jylsec/vuldb/blob/main/D-Link/dlink_dir605l/Command_injection-sub_454F2C-sysCmd/README.md • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-4442 – D-Link DIR-605L formSetWAN_Wizard55 buffer overflow
https://notcve.org/view.php?id=CVE-2025-4442
08 May 2025 — A vulnerability was found in D-Link DIR-605L 2.13B01. It has been declared as critical. This vulnerability affects the function formSetWAN_Wizard55. The manipulation of the argument curTime leads to buffer overflow. The attack can be initiated remotely. • https://github.com/jylsec/vuldb/blob/main/D-Link/dlink_dir605l/Buffer_overflow-formSetWAN_Wizard55-curTime/README.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-4441 – D-Link DIR-605L formSetWAN_Wizard534 buffer overflow
https://notcve.org/view.php?id=CVE-2025-4441
08 May 2025 — A vulnerability was found in D-Link DIR-605L 2.13B01. It has been classified as critical. This affects the function formSetWAN_Wizard534. The manipulation of the argument curTime leads to buffer overflow. It is possible to initiate the attack remotely. • https://github.com/jylsec/vuldb/blob/main/D-Link/dlink_dir605l/Buffer_overflow-formSetWAN_Wizard534-curTime/README.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •