HIGHCVE-2026-4188Published 2026-03-15Modified 2026-03-16CNA VulDB

CVE-2026-4188: D-Link DIR-619L boa formSchedule stack-based overflow

A security flaw has been discovered in D-Link DIR-619L 2.06B01. The affected element is the function formSchedule of the file /goform/formSchedule of the component boa. Performing a manipulation of the argument curTime results in stack-based buffer overflow. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. This vulnerability only affects products that are no longer supported by the maintainer.

CVSS v4.0: 8.7
Severity: HIGH
Fixed in: —
Affected Products: 1

Affected packages

D-Link / DIR-619L
2.06B01

CVSS Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

References

VDB-351094 | D-Link DIR-619L boa formSchedule stack-based overflow
VDB-351094 | CTI Indicators (IOB, IOC, IOA)
Submit #769833 | D-Link DIR619L 2.06B01 Stack-based Buffer Overflow
github.com
dlink.com

Metrics