CVE-2025-70240
Stack Buffer Overflow in D-Link DIR-513 WAN Wizard Module
Publication date: 2026-03-03
Last updated on: 2026-03-09
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dlink | dir-513_firmware | 1.10 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
[{'type': 'paragraph', 'content': 'CVE-2025-70240 is a stack buffer overflow vulnerability found in the D-Link DIR-513 router, specifically in firmware version v1.10. It occurs in the component handling the endpoint goform/formSetWAN_Wizard51 and is triggered via the "curTime" parameter.'}, {'type': 'paragraph', 'content': 'The vulnerability arises because the input provided in the "curTime" parameter is not properly limited in size before being processed by a vulnerable call to sprintf. This improper handling causes a stack buffer overflow.'}, {'type': 'paragraph', 'content': 'An attacker can exploit this by sending an excessively long string in the "curTime" parameter through an HTTP POST request to the /goform/formSetWAN_Wizard51 endpoint.'}] [1]
How can this vulnerability impact me? :
This vulnerability could potentially allow an attacker to execute arbitrary code on the affected D-Link DIR-513 router or cause a denial of service (DoS) condition.
By exploiting the stack buffer overflow, an attacker might gain control over the device, leading to unauthorized access, disruption of network services, or further compromise of the network environment.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': 'This vulnerability can be detected by sending a specially crafted HTTP POST request to the /goform/formSetWAN_Wizard51 endpoint on the D-Link DIR-513 router firmware v1.10.'}, {'type': 'paragraph', 'content': 'Specifically, the detection involves sending an excessively long string in the "curTime" parameter to trigger the stack buffer overflow condition.'}, {'type': 'paragraph', 'content': 'A sample command using curl to test for this vulnerability could be:'}, {'type': 'list_item', 'content': 'curl -X POST http://[router_ip]/goform/formSetWAN_Wizard51 -d "curTime=$(python3 -c \'print("A"*1000)\')"'}, {'type': 'paragraph', 'content': "Replace [router_ip] with the IP address of the target device. This command sends a long string of 'A's as the curTime parameter to check if the device is vulnerable."}] [1]
What immediate steps should I take to mitigate this vulnerability?
I don't know