Primary

Context

D-Link DIR-513 Buffer Overflow Vulnerability in WAN PPTP Form

Vulnerability

A critical buffer overflow vulnerability has been identified in the D-Link DIR-513 router, version 1.0. The issue arises in the file '/goform/formSetWanPPTP', where the 'curTime' argument can be manipulated, leading to a buffer overflow. This vulnerability can be exploited remotely and affects products that are no longer supported by the manufacturer.

Impact

Exploitation of this vulnerability causes a buffer overflow, which can lead to arbitrary code execution or a denial-of-service condition on the device.

Reproduction

The vulnerability can be reproduced by sending a POST request to '/goform/formSetWanPPTP' with a crafted 'curTime' argument that exceeds the buffer size, causing a buffer overflow. This can be done using a web browser or a tool like cURL, by specifying the appropriate headers and payload.

Added: Jun 30, 2025, 3:24 AM

Updated: Jun 30, 2025, 3:24 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

6.6

remediation

0.0

relevance

0.2

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

6.6

remediation

0.0

relevance

0.2

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

D-Link DIR-513 Buffer Overflow Vulnerability in WAN PPTP Form

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating