CVE-2025-60564 identifies a buffer overflow vulnerability in the D-Link DIR600L Ax router firmware version FW116WWb01. The vulnerability arises from improper handling of the curTime parameter within the formSetLog function, which fails to properly validate input length or content, leading to a classic stack-based buffer overflow (CWE-121). This flaw can be exploited remotely without authentication or user interaction, as the vulnerable function is accessible via network interfaces. The CVSS v3.1 score of 7.5 reflects a high severity, primarily due to the potential to disrupt availability by causing the device to crash or reboot unexpectedly. While confidentiality and integrity impacts are not evident, the denial of service effect can interrupt network connectivity for affected users. No patches or firmware updates have been published at the time of disclosure, and no exploits are known to be active in the wild. The vulnerability affects the specific firmware version FW116WWb01, but the exact range of affected versions is not detailed. The vulnerability is significant for environments relying on this router model, particularly where network uptime is critical.

For European organizations, the primary impact of CVE-2025-60564 is on network availability. A successful exploit could cause routers to crash or reboot, leading to temporary loss of internet connectivity or internal network segmentation failures. This could disrupt business operations, especially for small and medium enterprises or remote offices using the affected D-Link DIR600L Ax routers. Critical infrastructure or service providers using these devices as part of their network edge could experience service outages, impacting end-users and customers. Although the vulnerability does not compromise data confidentiality or integrity directly, the denial of service could be leveraged as part of a broader attack strategy to cause operational disruption. The lack of authentication and user interaction requirements increases the risk of automated exploitation attempts once the vulnerability becomes widely known.

1. Immediately restrict access to the router's management interfaces (e.g., web UI, remote management ports) by implementing network-level controls such as firewall rules or VPN-only access. 2. Monitor D-Link's official channels for firmware updates addressing this vulnerability and apply patches promptly once available. 3. Where possible, replace affected routers with models from vendors with active security support and patch management. 4. Employ network segmentation to isolate vulnerable devices from critical systems to minimize impact in case of compromise. 5. Implement intrusion detection/prevention systems (IDS/IPS) with signatures or anomaly detection to identify and block exploit attempts targeting the curTime parameter. 6. Regularly audit network devices for firmware versions and configurations to ensure compliance with security policies. 7. Educate IT staff on the vulnerability and encourage proactive monitoring of router logs and network traffic for unusual activity.