CVE-2025-60554
Published: 24 October 2025
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2025-60554 is a buffer overflow vulnerability (CWE-120) in D-Link DIR600L Ax firmware version FW116WWb01. It is triggered via the curTime parameter in the formSetEnableWizard function, earning a CVSS v3.1 score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) due to its potential for high-impact confidentiality, integrity, and availability violations.
An unauthenticated remote attacker can exploit this over the network with low complexity by sending a specially crafted request to the vulnerable parameter. Exploitation could result in arbitrary code execution on the device, enabling full control, data exfiltration, configuration changes, or device crashes.
The vulnerability is documented in a GitHub proof-of-concept at https://github.com/luckysmallbird/DLINK-DIR600LAx-Vulnerability/blob/main/08-buffer%20overflow-formSetEnableWizard.md. No official D-Link advisories or patches are referenced; security practitioners should monitor for firmware updates, restrict web interface access via firewalls, and consider device replacement for end-of-life models.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Buffer overflow in the public-facing web management interface (formSetEnableWizard via curTime parameter) enables exploitation for initial access via public-facing application.