CVE 8.7 HIGH

D-Link DIR-605L POST Request formVirtualServ buffer overflow_CVE-2026-5979

April 12, 2026 invoker category_cve

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was detected in D-Link DIR-605L 2.13B01. Affected by this vulnerability is the function formVirtualServ of the file /goform/formVirtualServ of the component POST Request Handler. The manipulation of the argument curTime results in buffer overflow. The attack can be launched remotely. The exploit is now public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

AI Analysis

Buffer overflow vulnerability in D-Link DIR-605L 2.13B01 via the formVirtualServ function of the POST Request Handler, allowing remote attacks

Basic Information

ID CVE-2026-5979

Source VulDB

Published Apr 9, 2026 at 20:45

Modified Apr 10, 2026 at 18:08

Affected Product

Vendor D-Link

Product DIR-605L

Version 2.13B01

Affected Versions D-Link DIR-605L 2.13B01

CWE Classification

CWE-120 CWE-119

AI Assessment

AI Score 8.7 / 10

AI Severity High

Vendor D-Link

Product DIR-605L

Version 2.13B01

References

{
    "lastseen": "",
    "description": "A vulnerability was detected in D-Link DIR-605L 2.13B01. Affected by this vulnerability is the function formVirtualServ of the file /goform/formVirtualServ of the component POST Request Handler. The manipulation of the argument curTime results in buffer overflow. The attack can be launched remotely. The exploit is now public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.",
    "published": "2026-04-09T20:45:15.856Z",
    "modified": "2026-04-10T18:08:05.848Z",
    "type": "cve",
    "title": "D-Link DIR-605L POST Request formVirtualServ buffer overflow",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/356533\nhttps://vuldb.com/vuln/356533/cti\nhttps://vuldb.com/submit/791852\nhttps://lavender-bicycle-a5a.notion.site/D-Link-DIR-605L-formVirtualServ-33153a41781f80b496e1de206077bc7e?source=copy_link\nhttps://www.dlink.com/",
    "id": "CVE-2026-5979",
    "bulletinFamily": "",
    "cwe": [
        "CWE-120",
        "CWE-119"
    ],
    "cvelist": null,
    "sourceData": "D-Link DIR-605L 2.13B01",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "DIR-605L",
    "version": "2.13B01",
    "vendor": "D-Link",
    "ai_description": "Buffer overflow vulnerability in D-Link DIR-605L 2.13B01 via the formVirtualServ function of the POST Request Handler, allowing remote attacks",
    "ai_severity": "High",
    "ai_vendor": "D-Link",
    "ai_product": "DIR-605L",
    "ai_version": "2.13B01",
    "ai_score": 8.7
}

💭 Join the Security Discussion ❌ Cancel Reply