Rewterz

Snake Keylogger Malware – Active IOCs

June 26, 2025
Rewterz

CVE-2025-6543 – Citrix NetScaler ADC and NetScaler Gateway Vulnerability

June 26, 2025

Multiple D-Link DIR-619L Vulnerabilities

Severity

High

Analysis Summary

CVE-2025-6617 CVSS:8.8

A vulnerability was found in D-Link DIR-619L 2.06B01 and classified as critical. This issue affects the function formAdvanceSetup of the file /goform/formAdvanceSetup. The manipulation of the argument webpage leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

CVE-2025-6615 CVSS:8.8

A vulnerability, which was classified as critical, was found in D-Link DIR-619L 2.06B01. This affects the function formAutoDetecWAN_wizard4 of the file /goform/formAutoDetecWAN_wizard4. The manipulation of the argument curTime leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

CVE-2025-6614 CVSS:8.8

A vulnerability, which was classified as critical, has been found in D-Link DIR-619L 2.06B01. Affected by this issue is the function formSetWANType_Wizard5 of the file /goform/formSetWANType_Wizard5. The manipulation of the argument curTime leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Impact

  • Buffer Overflow

Indicators of Compromise

CVE

  • CVE-2025-6617

  • CVE-2025-6615

  • CVE-2025-6614

Affected Vendors

  • D-Link

Affected Products

  • D-Link DIR-619L 2.06B01

Remediation

Refer to D-Link Website for patch, upgrade, or suggested workaround information.

D-Link Website

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.