CVE-2026-6013
D-Link DIR-513 POST Request formSetRoute buffer overflow
CVSS Score
8.8
EPSS Score
0.0%
EPSS Percentile
14th
A vulnerability was detected in D-Link DIR-513 1.10. This vulnerability affects the function formSetRoute of the file /goform/formSetRoute of the component POST Request Handler. The manipulation of the argument curTime results in buffer overflow. The attack may be performed from remote. The exploit is now public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
| CWE | CWE-120 CWE-119 |
| Vendor | d-link |
| Product | dir-513 |
| Published | Apr 10, 2026 |
| Last Updated | Apr 10, 2026 |
Stay Ahead of the Next One
Get instant alerts for d-link dir-513
Be the first to know when new high vulnerabilities affecting d-link dir-513 are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Affected Versions
D-Link / DIR-513
1.10
References
vuldb.com: https://vuldb.com/vuln/356569 vuldb.com: https://vuldb.com/vuln/356569/cti vuldb.com: https://vuldb.com/submit/791859 lavender-bicycle-a5a.notion.site: https://lavender-bicycle-a5a.notion.site/D-Link-DIR-513-formSetRoute-33153a41781f80f7aed1d3614c199d85?source=copy_link dlink.com: https://www.dlink.com/
Credits
๐ wxhwxhwxh_mie (VulDB User)