Analysis Summary

CVE-2025-2553 CVSS:4.3

D-Link DIR-618 and DIR-605L devices could allow a remote attacker to set the virtual service, caused by improper access controls by the /goform/formVirtualServ endpoint.

CVE-2025-2552 CVSS:4.3

D-Link DIR-618 and DIR-605L devices could allow a remote attacker to set the tcpip service, caused by improper access controls by the /goform/formTcpipSetup endpoint.

CVE-2025-2551 CVSS:4.3

D-Link DIR-618 and DIR-605L devices could allow a remote attacker to set the port rules, caused by improper access controls by the /goform/formSetPortTr endpoint.

CVE-2025-2550 CVSS:4.3

D-Link DIR-618 and DIR-605L devices could allow a remote attacker to set the DDNS service, caused by improper access controls by the /goform/formSetDDNS endpoint.

CVE-2025-2549 CVSS:4.3

D-Link DIR-618 and DIR-605L devices could allow a remote attacker to set the password, caused by improper access controls by the /goform/formSetPassword endpoint.

CVE-2025-2548 CVSS:4.3

D-Link DIR-618 and DIR-605L devices could allow a remote attacker to set the parent control service, caused by improper access controls by the /goform/formSetDomainFilter endpoint.

CVE-2025-2547 CVSS:4.3

D-Link DIR-618 and DIR-605L devices could allow a remote attacker to set the upnp service, caused by improper access controls by the /goform/formAdvNetwork endpoint.

CVE-2025-2546 CVSS:4.3

D-Link DIR-618 and DIR-605L devices could allow a remote attacker to set the firewall and DMZ service, caused by improper access controls by the /goform/formAdvFirewall endpoint.

Impact

• Security Bypass

Indicators of Compromise

CVE

• CVE-2025-2553

• CVE-2025-2552

• CVE-2025-2551

• CVE-2025-2550

• CVE-2025-2549

• CVE-2025-2548

• CVE-2025-2547

• CVE-2025-2546

Affected Vendors

Remediation

Refer to the D-Link Website for patch, upgrade, or suggested workaround information.

CVE-2025-2553

CVE-2025-2552

CVE-2025-2551

CVE-2025-2550

CVE-2025-2549

CVE-2025-2548

CVE-2025-2547

CVE-2025-2546