Vulnerability Description
A vulnerability was found in D-Link DIR-600L up to 2.07B01. It has been rated as critical. Affected by this issue is the function formSetWanL2TP. The manipulation of the argument host leads to buffer overflow. The attack may be launched remotely. This vulnerability only affects products that are no longer supported by the maintainer.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dlink | Dir-600L Firmware | <= 2.07b01 |
| Dlink | Dir-600L | - |
Related Weaknesses (CWE)
References
- https://github.com/jylsec/vuldb/blob/main/D-Link/dlink_dir600l/Buffer_ovrflow-foBroken LinkThird Party Advisory
- https://vuldb.com/?ctiid.307466Permissions Required
- https://vuldb.com/?id.307466Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.558301Third Party AdvisoryVDB Entry
- https://www.dlink.com/Product
FAQ
What is CVE-2025-4348?
CVE-2025-4348 is a vulnerability with a CVSS score of 8.8 (HIGH). A vulnerability was found in D-Link DIR-600L up to 2.07B01. It has been rated as critical. Affected by this issue is the function formSetWanL2TP. The manipulation of the argument host leads to buffer ...
How severe is CVE-2025-4348?
CVE-2025-4348 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-4348?
Check the references section above for vendor advisories and patch information. Affected products include: Dlink Dir-600L Firmware, Dlink Dir-600L.