HIGHCVE-2026-5024Published 2026-03-29Modified 2026-03-30CNA VulDB

CVE-2026-5024: D-Link DIR-513 formSetEmail stack-based overflow

A vulnerability was found in D-Link DIR-513 1.10. This issue affects the function formSetEmail of the file /goform/formSetEmail. Performing a manipulation of the argument curTime results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer.

CVSS v4.0: 8.7
Severity: HIGH
Fixed in: —
Affected Products: 1

Affected packages

D-Link / DIR-513
1.10

CVSS Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

References

VDB-353908 | D-Link DIR-513 formSetEmail stack-based overflow
VDB-353908 | CTI Indicators (IOB, IOC, IOA)
Submit #778414 | D-Link DIR-513 1.10 Stack-based Buffer Overflow
github.com
dlink.com

Metrics