Detections
Analytics

CVE-2026-4188

high

Description

A security flaw has been discovered in D-Link DIR-619L 2.06B01. The affected element is the function formSchedule of the file /goform/formSchedule of the component boa. Performing a manipulation of the argument curTime results in stack-based buffer overflow. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. This vulnerability only affects products that are no longer supported by the maintainer.

References

https://www.dlink.com/

https://vuldb.com/?submit.769833

https://vuldb.com/?id.351094

https://vuldb.com/?ctiid.351094

https://github.com/wudipjq/my_vuln/blob/main/D-Link7/vuln_89/89.md

Details

Source: Mitre, NVD

Published: 2026-03-16

Updated: 2026-03-16

Risk Information

CVSS v2

Base Score: 9

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 8.8

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

CVSS v4

Base Score: 8.7

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Severity: High

EPSS

EPSS: 0.00045