Unrated severityNVD Advisory· Published Mar 20, 2025· Updated Mar 20, 2025

D-Link DIR-618/DIR-605L formSetPassword access control

CVE-2025-2549

Description

A vulnerability has been found in D-Link DIR-618 and DIR-605L 2.02/3.02 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /goform/formSetPassword. The manipulation leads to improper access controls. The attack needs to be done within the local network. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Affected products

Dlink/Dir 605lllm-fuzzy
Range: 2.02/3.02
Dlink/DIR-618llm-fuzzy
D-Link/DIR-605Lv5
Range: 2.02
D-Link/DIR-618v5
Range: 2.02

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lavender-bicycle-a5a.notion.site/D-Link-DIR-605L-formSetPassword-1b153a41781f803d8166f9b551b30cd4mitreexploit
vuldb.commitrethird-party-advisory
lavender-bicycle-a5a.notion.site/D-Link-DIR-618-formSetPassword-1b053a41781f8021b704f7dfeb1fcd09mitrerelated
vuldb.commitresignaturepermissions-required
vuldb.commitrevdb-entry
www.dlink.commitreproduct

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000