Summaryinfo

A vulnerability was found in D-Link DIR-513 1.10. It has been declared as critical. The impacted element is an unknown function of the file /goform/formLogin. Such manipulation of the argument curTime leads to stack-based overflow. This vulnerability is uniquely identified as CVE-2025-70221. The attack can be launched remotely. No exploit exists.

Detailsinfo

A vulnerability was found in D-Link DIR-513 1.10 and classified as critical. Affected by this issue is some unknown processing of the file /goform/formLogin. The manipulation of the argument curTime with an unknown input leads to a stack-based overflow vulnerability. Using CWE to declare the problem leads to CWE-121. A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). Impacted is confidentiality, integrity, and availability. CVE summarizes:

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formLogin.

The advisory is shared for download at dlink.com. This vulnerability is handled as CVE-2025-70221 since 01/09/2026. The exploitation is known to be easy. The attack may be launched remotely. There are known technical details, but no exploit is available. The current price for an exploit might be approx. USD $5k-$25k (estimation calculated on 03/06/2026).

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Productinfo

Type

• Router Operating System

Vendor

• D-Link

Name

• DIR-513

Version

• 1.10

License

• commercial

Website

• Vendor: https://www.dlink.com/

CPE 2.3info

• 🔒
• 🔒

CPE 2.2info

• 🔒
• 🔒

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion