D-Link DIR-513 HTTP POST Request formSetWanPPTPpath formSetWanPPTPcallback buffer overflow

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A vulnerability classified as critical has been found in D-Link DIR-513 1.10. This affects the function formSetWanPPTPcallback of the file /goform/formSetWanPPTPpath of the component HTTP POST Request Handler. The manipulation of the argument curTime leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Basic Information

ID CVE-2025-8169

Source VulDB

Published Jul 25, 2025 at 20:32

Modified Jul 28, 2025 at 14:48

Affected Product

Vendor D-Link

Product DIR-513

Version 1.10

Affected Versions D-Link DIR-513 1.10

CWE Classification

CWE-120 CWE-119

References

{
    "lastseen": "",
    "description": "A vulnerability classified as critical has been found in D-Link DIR-513 1.10. This affects the function formSetWanPPTPcallback of the file /goform/formSetWanPPTPpath of the component HTTP POST Request Handler. The manipulation of the argument curTime leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.",
    "published": "2025-07-25T20:32:05.096Z",
    "modified": "2025-07-28T14:48:09.802Z",
    "type": "cve",
    "title": "D-Link DIR-513 HTTP POST Request formSetWanPPTPpath formSetWanPPTPcallback buffer overflow",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.317583\nhttps://vuldb.com/?ctiid.317583\nhttps://vuldb.com/?submit.620817\nhttps://github.com/InfiniteLin/Lin-s-CVEdb/blob/main/DIR-513/formSetWanPPPoE.md\nhttps://www.dlink.com/",
    "id": "CVE-2025-8169",
    "bulletinFamily": "",
    "cwe": [
        "CWE-120",
        "CWE-119"
    ],
    "cvelist": null,
    "sourceData": "D-Link DIR-513 1.10",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "DIR-513",
    "version": "1.10",
    "vendor": "D-Link",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

D-Link DIR-513 HTTP POST Request formSetWanPPTPpath formSetWanPPTPcallback buffer overflow_CVE-2025-8169