| Title | D-Link DIR-513 1.10 Buffer Overflow |
|---|
| Description | D-Link DIR-513 is a network router manufactured by D-Link. A stack-based buffer overflow vulnerability exists in the Web service of the D-Link DIR-513 when processing form requests.
Within the formEasySetPassword function, the program retrieves the user-controllable curTime parameter via websGetVar without any length validation. When the language parameter is neither "SC" nor "TW", the program calls the unbounded sprintf function to concatenate the oversized curTime string into a fixed-size (104 bytes) stack buffer v11. An attacker can send a specially crafted HTTP POST request to trigger a stack overflow, overwriting the return address (located 172 bytes away). This can lead to a Denial of Service (DoS) or Remote Code Execution (RCE). |
|---|
| Source | ⚠️ https://github.com/InfiniteLin/Lin-s-CVEdb/tree/main/DIR-513/formEasySetPassword |
|---|
| User | AttackingLin (UID 88138) |
|---|
| Submission | 03/06/2026 04:02 (1 month ago) |
|---|
| Moderation | 03/20/2026 09:18 (14 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 352009 [D-Link DIR-513 1.10 Web Service formEasySetPassword curTime stack-based overflow] |
|---|
| Points | 20 |
|---|