| tiêu đề | D-Link DIR-513 1.10 Buffer Overflow |
|---|
| Mô tả | D-Link DIR-513 is a network router manufactured by D-Link. A stack-based buffer overflow vulnerability exists in the Web service of the D-Link DIR-513 when processing form requests.
Within the formEasySetPassword function, the program retrieves the user-controllable curTime parameter via websGetVar without any length validation. When the language parameter is neither "SC" nor "TW", the program calls the unbounded sprintf function to concatenate the oversized curTime string into a fixed-size (104 bytes) stack buffer v11. An attacker can send a specially crafted HTTP POST request to trigger a stack overflow, overwriting the return address (located 172 bytes away). This can lead to a Denial of Service (DoS) or Remote Code Execution (RCE). |
|---|
| Nguồn | ⚠️ https://github.com/InfiniteLin/Lin-s-CVEdb/tree/main/DIR-513/formEasySetPassword |
|---|
| Người dùng | AttackingLin (UID 88138) |
|---|
| Đệ trình | 06/03/2026 04:02 (cách đây 2 các tháng) |
|---|
| Kiểm duyệt | 20/03/2026 09:18 (14 days later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 352009 [D-Link DIR-513 1.10 Web Service formEasySetPassword curTime tràn bộ đệm] |
|---|
| điểm | 20 |
|---|