CVE Details
Basic Information
| Title | D-Link DIR-513 Boa Webserver formLanSetupRouterSettings sprintf stack-based overflow |
|---|---|
| Type | cve |
| Published | 2025-07-20T21:32:05.452Z |
| Modified | 2025-07-20T21:32:05.452Z |
Product Information
| Vendor | D-Link |
|---|---|
| Product | DIR-513 |
| Version | 1.0 |
CVSS Information
| Base Score | 8.7 (HIGH) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P |
AI Analysis
| AI Description | A critical vulnerability exists in the D-Link DIR-513 router’s Boa Webserver component, allowing remote attackers to cause a stack-based buffer overflow via the formLanSetupRouterSettings function. This issue is not supported by the maintainer, but it poses a significant risk due to its high CVSS score and potential for remote exploitation. |
|---|---|
| AI Severity | Critical |
| AI Vendor | D-Link |
| AI Product | Boa Webserver |
| AI Version | 1.0 |
Affected Products
- D-Link DIR-513 1.0
Additional Information
| CWE List | CWE-121, CWE-119 |
|---|---|
| Source | VulDB |
Description
A vulnerability was found in D-Link DIR-513 1.0. It has been rated as critical. Affected by this issue is the function sprintf of the file /goform/formLanSetupRouterSettings of the component Boa Webserver. The manipulation of the argument curTime leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.