CVE-2025-60553
Published: 24 October 2025
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2025-60553 is a buffer overflow vulnerability (CWE-120) affecting the D-Link DIR-600L Ax router on firmware version FW116WWb01. The flaw exists in the formSetWAN_Wizard52 function via the curTime parameter, which can be triggered to overflow buffers when processing malformed input.
The vulnerability carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating it is exploitable remotely over the network with low complexity, no required privileges or user interaction, and unchanged impact scope. Remote attackers can thus target affected devices without authentication, potentially achieving high impacts on confidentiality, integrity, and availability through buffer overflow consequences such as arbitrary code execution or system crashes.
Details on the vulnerability, including exploitation specifics for the formSetWAN_Wizard52 buffer overflow, are documented in a GitHub repository at https://github.com/luckysmallbird/DLINK-DIR600LAx-Vulnerability/blob/main/03-buffer%20overflow-formSetWAN_Wizard52.md. No vendor advisories or patches are referenced in the CVE publication dated 2025-10-24.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Buffer overflow in the router's web management interface (formSetWAN_Wizard52) enables remote code execution via exploitation of a public-facing application.