CVE-2026-5815
D-Link DIR-645 hedwig.cgi hedwigcgi_main stack-based overflow
CVSS Score
8.8
EPSS Score
0.1%
EPSS Percentile
24th
A vulnerability was detected in D-Link DIR-645 1.01/1.02/1.03. Impacted is the function hedwigcgi_main of the file /cgi-bin/hedwig.cgi. The manipulation results in stack-based buffer overflow. The attack can be launched remotely. The exploit is now public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
| CWE | CWE-121 CWE-119 |
| Vendor | d-link |
| Product | dir-645 |
| Published | Apr 8, 2026 |
| Last Updated | Apr 13, 2026 |
Stay Ahead of the Next One
Get instant alerts for d-link dir-645
Be the first to know when new high vulnerabilities affecting d-link dir-645 are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Affected Versions
D-Link / DIR-645
1.01 1.02 1.03
References
vuldb.com: https://vuldb.com/vuln/356263 vuldb.com: https://vuldb.com/vuln/356263/cti vuldb.com: https://vuldb.com/submit/788298 github.com: https://github.com/Pers1st0/CVE/blob/main/stack-based%20buffer%20overflow%20vulnerability%20exists%20in%20the%20hedwig.cgi%20of%20D-Link%20DIR-645.md github.com: https://github.com/Pers1st0/CVE/blob/main/stack-based%20buffer%20overflow%20vulnerability%20exists%20in%20the%20hedwig.cgi%20of%20D-Link%20DIR-645.md#poc dlink.com: https://www.dlink.com/
Credits
๐ Pers1st (VulDB User)