CVE Details
Basic Information
| Title | D-Link DIR-513 HTTP POST Request formSetWanL2TPtriggers formSetWanL2TPcallback stack-based overflow |
|---|---|
| Type | cve |
| Published | 2025-07-26T09:02:06.117Z |
| Modified | 2025-07-26T09:02:06.117Z |
Product Information
| Vendor | D-Link |
|---|---|
| Product | DIR-513 |
| Version | 1.0 |
CVSS Information
| Base Score | 8.7 (HIGH) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P |
AI Analysis
| AI Description | A critical stack-based buffer overflow vulnerability in D-Link DIR-513 routers (versions 1.0 to 1.10) allows remote attackers to exploit the formSetWanL2TPcallback function via HTTP POST requests. This can lead to system crashes or code execution. The vulnerability is highly severe but affects end-of-life products, meaning no official patches are available. |
|---|---|
| AI Severity | High |
| AI Vendor | D-Link |
| AI Product | D-Link DIR-513 |
| AI Version | 1.0, 1.1, 1.2, 1.3, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10 |
Affected Products
- D-Link DIR-513 1.0
- D-Link DIR-513 1.1
- D-Link DIR-513 1.2
- D-Link DIR-513 1.3
- D-Link DIR-513 1.4
- D-Link DIR-513 1.5
- D-Link DIR-513 1.6
- D-Link DIR-513 1.7
- D-Link DIR-513 1.8
- D-Link DIR-513 1.9
- D-Link DIR-513 1.10
Additional Information
| CWE List | CWE-121, CWE-119 |
|---|---|
| Source | VulDB |
Description
A vulnerability was found in D-Link DIR-513 up to 1.10 and classified as critical. This issue affects the function formSetWanL2TPcallback of the file /goform/formSetWanL2TPtriggers of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.