D-Link DIR-513 Buffer Overflow Vulnerability in formTcpipSetup

Vulnerability

A stack buffer overflow vulnerability has been identified in the D-Link DIR-513 router, firmware version A1FW110. The issue is in the function formTcpipSetup, where the curTime request parameter can be manipulated to overflow a stack buffer, potentially leading to arbitrary code execution.

Impact

Exploiting this vulnerability causes a stack buffer overflow, a condition that can commonly lead to arbitrary code execution.

Reproduction

The vulnerability can be reproduced by sending a POST request to the /goform/formTcpipSetup endpoint. The request must include a curTime parameter whose value exceeds the buffer's capacity, causing a stack overflow. The request can be sent with a web application testing tool or crafted manually as a raw HTTP request.
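For detection, the request shape described above can be matched in captured or proxied HTTP traffic. The following is an added example, not code from the advisory or from D-Link: it flags POST requests to /goform/formTcpipSetup whose percent-decoded curTime value is longer than a threshold. The 32-byte limit is an assumption (the advisory does not give the buffer size), and the sample requests are constructed.

```python
from urllib.parse import urlsplit, parse_qsl

ENDPOINT = "/goform/formTcpipSetup"  # endpoint named in the advisory
PARAM = "curTime"                    # parameter named in the advisory
MAX_LEN = 32  # assumption: legitimate values are short; tune to observed traffic


def curtime_findings(raw_request: bytes, max_len: int = MAX_LEN) -> list[str]:
    """Return findings for one raw HTTP request; an empty list means no match."""
    head, _, body = raw_request.partition(b"\r\n\r\n")
    request_line = head.decode("latin-1").split("\r\n")[0]
    try:
        method, target, _version = request_line.split(" ", 2)
    except ValueError:
        return ["malformed request line"]
    url = urlsplit(target)
    if method.upper() != "POST" or url.path != ENDPOINT:
        return []
    # The parameter may arrive in the form body or the query string; check both.
    # latin-1 maps every byte to one character, so len() below counts bytes.
    pairs = parse_qsl(body.decode("latin-1"), keep_blank_values=True, encoding="latin-1")
    pairs += parse_qsl(url.query, keep_blank_values=True, encoding="latin-1")
    findings = []
    for name, value in pairs:
        # parse_qsl has already percent-decoded the value, so this is the
        # length the handler would see, not the length on the wire.
        if name == PARAM and len(value) > max_len:
            findings.append(f"{PARAM} is {len(value)} bytes (limit {max_len})")
    return findings


def sample_request(cur_time: str, path: str = ENDPOINT) -> bytes:
    """Build a constructed sample request (not captured traffic)."""
    body = f"{PARAM}={cur_time}".encode("latin-1")
    head = (f"POST {path} HTTP/1.1\r\nHost: 192.0.2.1\r\n"
            "Content-Type: application/x-www-form-urlencoded\r\n"
            f"Content-Length: {len(body)}\r\n\r\n")
    return head.encode("latin-1") + body


if __name__ == "__main__":
    for value in ("1772658000", "A" * 300, "%41" * 40):
        print(len(value), curtime_findings(sample_request(value)))
```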

Added: Mar 4, 2026, 9:17 PM
Updated: Mar 4, 2026, 9:17 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 8.7
remediation: 0.0
relevance: 3.5
threat: 6.4
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.