Unrated severityNVD Advisory· Published Mar 20, 2025· Updated Mar 20, 2025

D-Link DIR-618/DIR-605L DDNS Service formSetDDNS access control

CVE-2025-2550

Description

A vulnerability was found in D-Link DIR-618 and DIR-605L 2.02/3.02 and classified as problematic. Affected by this issue is some unknown functionality of the file /goform/formSetDDNS of the component DDNS Service. The manipulation leads to improper access controls. The attack needs to be initiated within the local network. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Affected products

Dlink/Dir 605lllm-fuzzy
Range: 3.02
Dlink/DIR-618llm-fuzzy
Range: 2.02
D-Link/DIR-605Lv5
Range: 2.02
D-Link/DIR-618v5
Range: 2.02

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lavender-bicycle-a5a.notion.site/D-Link-DIR-605L-formSetDDNS-1b153a41781f80feb80bd24afc8f83d5mitreexploit
vuldb.commitrethird-party-advisory
lavender-bicycle-a5a.notion.site/D-Link-DIR-618-formSetDDNS-1b053a41781f80659702da9a589e4f4amitrerelated
vuldb.commitresignaturepermissions-required
vuldb.commitrevdb-entry
www.dlink.commitreproduct

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000