Home / Vulnerability Intelligence / CVE-2026-4188

CVE-2026-4188 - Vulnerability Analysis

HighCVSS: 8.8

Last Updated: March 16, 2026

D-Link DIR-619L - Buffer Overflow

Published: March 16, 2026Updated: March 16, 2026Remote Exploitable

Overview

D-Link DIR-619L 2.06B01 contains a stack-based buffer overflow caused by manipulation of the "curTime" argument in formSchedule function of /goform/formSchedule in boa component, letting remote attackers cause memory corruption, exploit requires no special privileges.

Severity & Score

Severity: High

CVSS Score: 8.8

EPSS Score: 4.5%(Probability of exploitation in next 30 days)

Impact

Remote attackers can cause memory corruption, potentially leading to denial of service or remote code execution.

Mitigation

Update to the latest supported version or replace the device as this product is no longer maintained.

References

Social Media Activity(1 post)

TheHackerWire

@thehackerwire

Mar 16, 2026

🟠 CVE-2026-4188 - High (8.8) A security flaw has been discovered in D-Link DIR-619L 2.06B01. The affected element is the function formSchedule of the file /goform/formSchedule of the component boa. Performing a manipulation of the argument curTime results in stack-based buffe... 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-4188/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

Related Resources

Details

CVE ID: CVE-2026-4188
Severity: High
CVSS Score: 8.8
Type: buffer_overflow
Status: unconfirmed
EPSS: 4.5%
Social Posts: 1

CWE

CWE-119

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score

4.5%Probability of exploitation in the next 30 days