CVE-2025-2551 Information

Mar 21, 2025 cve

Description

A vulnerability was found in D-Link DIR-618 and DIR-605L 2.02/3.02. It has been classified as problematic. This affects an unknown part of the file /goform/formSetPortTr. The manipulation leads to improper access controls. Access to the local network is required for this attack. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

CVSS Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Reference

https://lavender-bicycle-a5a.notion.site/D-Link-DIR-605L-formSetPortTr-1b153a41781f809d95c8e39c6c31c348?pvs=4 https://lavender-bicycle-a5a.notion.site/D-Link-DIR-618-formSetPortTr-1b053a41781f8000a9ded17aa2f587cc?pvs=4 https://vuldb.com/?ctiid.300165 https://vuldb.com/?id.300165 https://vuldb.com/?submit.516793 https://www.dlink.com/

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

LOW

Base Score

NONE

Base Severity

4.3

Share on: