Submit #773537: D-Link DIR-513 1.10 Buffer Overflow

Title: D-Link DIR-513 1.10 Buffer Overflow
Description: D-Link DIR-513 is a network router manufactured by D-Link. A stack-based buffer overflow vulnerability exists in the Web service of the D-Link DIR-513 when processing form requests. Within the formEasySetPassword function, the program retrieves the user-controllable curTime parameter via websGetVar without any length validation. When the language parameter is neither "SC" nor "TW", the program calls the unbounded sprintf function to concatenate the oversized curTime string into a fixed-size (104 bytes) stack buffer v11. An attacker can send a specially crafted HTTP POST request to trigger a stack overflow, overwriting the return address (located 172 bytes away). This can lead to a Denial of Service (DoS) or Remote Code Execution (RCE).
Source: https://github.com/InfiniteLin/Lin-s-CVEdb/tree/main/DIR-513/formEasySetPassword
User: AttackingLin (UID 88138)
Submission: 2026-03-06 04:02 (2 months ago)
Moderation: 2026-03-20 09:18 (14 days later)
Status: Accepted
VulDB entry: 352009 [D-Link DIR-513 1.10 Web Service formEasySetPassword curTime buffer overflow]
Points: 20
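
The fix pattern for the flaw described above, as an added example that is not the firmware's code or the submitter's: the unbounded sprintf into the 104-byte buffer is replaced by input validation plus a bounded snprintf whose truncation is treated as an error. The function names, the format string, the 20-character limit and the all-digit rule for curTime are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define V11_SIZE 104                 /* stack buffer size given in the description */
#define CURTIME_MAX 20               /* assumed upper bound for a timestamp string */
#define FMT "/index.asp?t=%s"        /* constructed; the firmware's format string is not on the page */

/* Accept only a short, all-digit curTime (assumption: the field carries a timestamp). */
static int curtime_ok(const char *s)
{
    size_t n = strlen(s);
    if (n == 0 || n > CURTIME_MAX) return 0;
    for (size_t i = 0; i < n; i++)
        if (!isdigit((unsigned char)s[i])) return 0;
    return 1;
}

/* Bounded replacement for sprintf(v11, FMT, curTime): -1 if the result would not fit. */
int build_url(char *out, size_t out_len, const char *cur_time)
{
    int n = snprintf(out, out_len, FMT, cur_time);
    if (n < 0 || (size_t)n >= out_len) {
        if (out_len) out[0] = '\0';  /* never hand back a truncated string */
        return -1;
    }
    return 0;
}

/* Hypothetical handler with the branch structure the description gives. Returns an HTTP status. */
int handle_easy_set_password(const char *language, const char *cur_time)
{
    char v11[V11_SIZE];
    if (!language || !cur_time) return 400;
    if (!strcmp(language, "SC") || !strcmp(language, "TW"))
        return 200;                  /* other branch, not covered by the description */
    if (!curtime_ok(cur_time)) return 400;
    if (build_url(v11, sizeof v11, cur_time) != 0) return 400;
    return 200;
}

int main(void)
{
    char big[301];                   /* constructed oversized input */
    memset(big, '7', sizeof big - 1);
    big[sizeof big - 1] = '\0';
    printf("normal: %d\n", handle_easy_set_password("EN", "1772769720"));
    printf("oversized: %d\n", handle_easy_set_password("EN", big));
    return 0;
}
```

The length check in build_url stays in place even though curtime_ok already bounds the input, so a later change to the format string or the validation rule cannot reintroduce the overflow.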