CVE-2025-2548

High

A vulnerability, which was classified as problematic, was found in D-Link DIR-618 and DIR-605L 2.02/3.02. Affected is an unknown function…

VulDB·CWE-266·Published 2025-03-20

CVSS

8.8

EPSS

0.01

KEV

Exploits

Tags:unsupported-when-assigned

cve.orgde

419 chars

Es wurde eine Schwachstelle in D-Link DIR-618 and DIR-605L 2.02/3.02 gefunden. Sie wurde als problematisch eingestuft. Es geht dabei um eine nicht klar definierte Funktion der Datei /goform/formSetDomainFilter. Mittels dem Manipulieren mit unbekannten Daten kann eine improper access controls-Schwachstelle ausgenutzt werden. Der Angriff kann im lokalen Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung.

cve.orgen

440 chars

A vulnerability, which was classified as problematic, was found in D-Link DIR-618 and DIR-605L 2.02/3.02. Affected is an unknown function of the file /goform/formSetDomainFilter. The manipulation leads to improper access controls. The attack can only be initiated within the local network. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

NVDen

440 chars

NVDes

451 chars

Se encontró una vulnerabilidad clasificada como problemática en D-Link DIR-618 y DIR-605L 2.02/3.02. La vulnerabilidad afecta a una función desconocida del archivo /goform/formSetDomainFilter. La manipulación genera controles de acceso inadecuados. El ataque solo puede iniciarse dentro de la red local. Se ha hecho público el exploit y puede que sea utilizado. Esta vulnerabilidad solo afecta a los productos que ya no reciben soporte del fabricante.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	cve.org	3.3	—	—	AV:A/AC:L/Au:N/C:N/I:P/A:N
2.0	Primary	cve.org	3.3	—	—	AV:A/AC:L/Au:N/C:N/I:P/A:N
2.0	Secondary	NVD	3.3	6.5	2.9	AV:A/AC:L/Au:N/C:N/I:P/A:N
3.0	Primary	cve.org	4.3	—	—	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
3.0	Primary	cve.org	4.3	—	—	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
3.1	Primary	NVD	8.8	2.8	5.9	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.1	Primary	cve.org	4.3	—	—	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
3.1	Primary	cve.org	4.3	—	—	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
3.1	Secondary	NVD	4.3	2.8	1.4	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
4.0	Primary	cve.org	5.3	—	—	CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
4.0	Primary	cve.org	5.3	—	—	CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
4.0	Secondary	NVD	5.3	—	—	CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X