| Title | D-Link DIR-513 v1.0 Buffer Overflow |
|---|
| Description | A stack-based buffer overflow vulnerability exists in the function formLanguageChange of the Boa web server, which is used to implement the web-based management interface in the DIR-513 embedded device.
This vulnerability is triggered when a remote attacker sends a specially crafted POST request to the endpoint /goform/formLanguageChange. The vulnerable function retrieves the parameter curTime from the request body and then uses it in a call to sprintf():
sprintf(v12, "%s?t=%s", "/index.asp", v8);
Here, v8 is derived from the input curTime . Since the length of curTime is not properly validated before being used in sprintf, an attacker can supply an excessively long value, leading to a stack buffer overflow. |
|---|
| Source | ⚠️ https://github.com/boyslikesports/vul/blob/main/formLanguageChange.md |
|---|
| User | Weining Xiao (UID 88216) |
|---|
| Submission | 07/22/2025 08:45 (9 months ago) |
|---|
| Moderation | 07/25/2025 08:52 (3 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 317573 [D-Link DIR-513 1.0 HTTP POST Request formLanguageChange curTime stack-based overflow] |
|---|
| Points | 20 |
|---|