CVE-2025-8978

Sažetak

A vulnerability was determined in D-Link DIR-619L 6.02CN02. Affected is the function FirmwareUpgrade of the component boa. The manipulation leads to insufficient verification of data authenticity. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Reference

https://github.com/IOTRes/IOT_Firmware_Update/blob/main/Dlink/DIR619L.md
https://vuldb.com/?ctiid.319974
https://vuldb.com/?id.319974
https://vuldb.com/?submit.628599
https://www.dlink.com/
https://github.com/IOTRes/IOT_Firmware_Update/blob/main/Dlink/DIR619L.md

CVSS

Base:	6.8
Impact:	10.0
Exploitability:	3.2

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	MULTIPLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:H/Au:M/C:C/I:C/A:C

Zadnje važnije ažuriranje

12-09-2025 - 15:51

Objavljeno

14-08-2025 - 19:15