CVE-2025-46108
Received - Intake
Buffer Overflow in D-Link Dir-513 formTcpipSetup Function

Publication date: 2026-03-04

Last updated on: 2026-03-06

Assigner: MITRE

Description
D-Link DIR-513 A1FW110 is vulnerable to a buffer overflow in the function formTcpipSetup.
Meta Information
Published: 2026-03-04
Last Modified: 2026-03-06
Generated: 2026-06-16
AI Q&A: 2026-03-04
EPSS Evaluated: 2026-06-15
Affected Vendors & Products
Vendor | Product | Version / Range
dlink | dir-513_firmware | 1.10
CWE ID | Description
CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.
Executive Summary

CVE-2025-46108 is a stack buffer overflow vulnerability found in the D-Link DIR-513 router, specifically in firmware version 1.10 (DIR513A1_FW110WWb01).

The vulnerability exists in the function formTcpipSetup, which handles HTTP POST requests to the endpoint goform/formTcpipSetup.

It occurs because the curTime parameter is improperly handled using sprintf, which does not limit the length of input, leading to a stack buffer overflow when an excessively long curTime value is provided.

This overflow can be triggered by sending a specially crafted POST request with a very long curTime parameter.
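
The unbounded sprintf pattern described above next to a bounded replacement, as an added example that is not D-Link's firmware code. The function names, the 128-byte buffer, the format string and the digits-only rule for curTime are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define REDIRECT_MAX 128  /* assumed size; the page does not give the real buffer size */

/* Vulnerable pattern (CWE-120): the request-controlled curTime is formatted
 * with sprintf, so nothing bounds the write into out. Shown for comparison
 * only; it must never receive untrusted input. */
static void build_redirect_unsafe(char *out, const char *cur_time)
{
    sprintf(out, "/index.htm?t=%s", cur_time);  /* hypothetical format string */
}

/* Hardened form: validate curTime, format with snprintf, and treat
 * truncation as an error. Returns 0 on success, -1 on rejection. */
static int build_redirect_safe(char *out, size_t out_len, const char *cur_time)
{
    size_t n;
    int written;

    if (out == NULL || out_len == 0 || cur_time == NULL)
        return -1;
    out[0] = '\0';

    /* Assumed rule: a timestamp is 1 to 32 decimal digits and nothing else. */
    n = strspn(cur_time, "0123456789");
    if (n == 0 || n > 32 || cur_time[n] != '\0')
        return -1;

    written = snprintf(out, out_len, "/index.htm?t=%s", cur_time);
    if (written < 0 || (size_t)written >= out_len) {
        out[0] = '\0';  /* never hand back a truncated value */
        return -1;
    }
    return 0;
}

int main(void)
{
    char buf[REDIRECT_MAX];
    char long_input[1001];

    memset(long_input, 'A', 1000);  /* constructed over-long value */
    long_input[1000] = '\0';
    build_redirect_unsafe(buf, "1741046400");  /* trusted literal only */
    printf("valid: %d (%s)\n", build_redirect_safe(buf, sizeof buf, "1741046400"), buf);
    printf("long:  %d\n", build_redirect_safe(buf, sizeof buf, long_input));
    return 0;
}
```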

Impact Analysis

This vulnerability could allow an attacker to execute arbitrary code on the affected D-Link DIR-513 router.

Alternatively, it could cause a denial of service (DoS) condition, making the device unavailable or unstable.

Such impacts could compromise the security and availability of your network if the vulnerable device is exploited.

Detection Guidance

This vulnerability can be detected by sending a specially crafted HTTP POST request to the endpoint goform/formTcpipSetup on the D-Link DIR-513 router, specifically targeting the curTime parameter with an excessively long input string.

A detection command example using curl would be to send a POST request with a very long curTime value to test for the buffer overflow condition.

    curl -X POST http://<router-ip>/goform/formTcpipSetup -d "curTime=$(python -c 'print("A"*1000)')"

If the device crashes, becomes unresponsive, or behaves abnormally after this request, it indicates the presence of the vulnerability. [1]

Mitigation Strategies

Immediate mitigation steps include avoiding sending or accepting HTTP POST requests to the goform/formTcpipSetup endpoint with untrusted or excessively long curTime parameters.

Restrict access to the router's management interface from untrusted networks to prevent exploitation.

Monitor the device for unusual behavior or crashes that may indicate exploitation attempts.

Check for firmware updates or patches from D-Link that address this vulnerability and apply them as soon as they become available. [1]
