{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-4486", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-03-20T08:18:38.288Z", "datePublished": "2026-03-20T14:02:14.729Z", "dateUpdated": "2026-03-20T14:35:33.407Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-03-20T14:02:14.729Z"}, "title": "D-Link DIR-513 Web Service formEasySetPassword stack-based overflow", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-121", "lang": "en", "description": "Stack-based Buffer Overflow"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-119", "lang": "en", "description": "Memory Corruption"}]}], "affected": [{"vendor": "D-Link", "product": "DIR-513", "versions": [{"version": "1.10", "status": "affected"}], "modules": ["Web Service"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in D-Link DIR-513 1.10. This affects the function formEasySetPassword of the file /goform/formEasySetPassword of the component Web Service. The manipulation of the argument curTime results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 8.7, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P", "baseSeverity": "HIGH"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R", "baseSeverity": "HIGH"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R", "baseSeverity": "HIGH"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 9, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-03-20T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-03-20T01:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-03-20T09:23:42.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "AttackingLin (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.352009", "name": "VDB-352009 | D-Link DIR-513 Web Service formEasySetPassword stack-based overflow", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.352009", "name": "VDB-352009 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.773537", "name": "Submit #773537 | D-Link DIR-513 1.10 Buffer Overflow", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/?submit.773566", "name": "Submit #773566 | D-Link DIR-513 1.10 Buffer Overflow (Duplicate)", "tags": ["third-party-advisory"]}, {"url": "https://github.com/InfiniteLin/Lin-s-CVEdb/blob/main/DIR-513/formEasySetPassword/formEasySetPassword.md", "tags": ["related"]}, {"url": "https://github.com/InfiniteLin/Lin-s-CVEdb/blob/main/DIR-513/formEasySetPassword/poc.py", "tags": ["exploit"]}, {"url": "https://www.dlink.com/", "tags": ["product"]}], "tags": ["unsupported-when-assigned"]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-20T14:35:28.432922Z", "id": "CVE-2026-4486", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-20T14:35:33.407Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-4486", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-20T14:35:28.432922Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-20T14:35:30.583Z"}}], "cna": {"tags": ["unsupported-when-assigned"], "title": "D-Link DIR-513 Web Service formEasySetPassword stack-based overflow", "credits": [{"lang": "en", "type": "reporter", "value": "AttackingLin (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 8.7, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 9, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR"}}], "affected": [{"vendor": "D-Link", "modules": ["Web Service"], "product": "DIR-513", "versions": [{"status": "affected", "version": "1.10"}]}], "timeline": [{"lang": "en", "time": "2026-03-20T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-03-20T01:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-03-20T09:23:42.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.352009", "name": "VDB-352009 | D-Link DIR-513 Web Service formEasySetPassword stack-based overflow", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.352009", "name": "VDB-352009 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.773537", "name": "Submit #773537 | D-Link DIR-513 1.10 Buffer Overflow", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/?submit.773566", "name": "Submit #773566 | D-Link DIR-513 1.10 Buffer Overflow (Duplicate)", "tags": ["third-party-advisory"]}, {"url": "https://github.com/InfiniteLin/Lin-s-CVEdb/blob/main/DIR-513/formEasySetPassword/formEasySetPassword.md", "tags": ["related"]}, {"url": "https://github.com/InfiniteLin/Lin-s-CVEdb/blob/main/DIR-513/formEasySetPassword/poc.py", "tags": ["exploit"]}, {"url": "https://www.dlink.com/", "tags": ["product"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in D-Link DIR-513 1.10. This affects the function formEasySetPassword of the file /goform/formEasySetPassword of the component Web Service. The manipulation of the argument curTime results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-121", "description": "Stack-based Buffer Overflow"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-119", "description": "Memory Corruption"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-03-20T14:02:14.729Z"}}}, "cveMetadata": {"cveId": "CVE-2026-4486", "state": "PUBLISHED", "dateUpdated": "2026-03-20T14:35:33.407Z", "dateReserved": "2026-03-20T08:18:38.288Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-03-20T14:02:14.729Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dir-513_firmware:1.10:*:*:*:*:*:*:*", "matchCriteriaId": "3DF100F1-CDF4-4B41-B19F-D576B72DC3CD", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dir-513:a1:*:*:*:*:*:*:*", "matchCriteriaId": "92E54574-A6CD-4BD2-8C4A-308DAAB3AFCA", "vulnerable": false}, {"criteria": "cpe:2.3:h:dlink:dir-513:a2:*:*:*:*:*:*:*", "matchCriteriaId": "AEC92A9F-60F5-4918-B9F9-C596A225AA59", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [{"sourceIdentifier": "cna@vuldb.com", "tags": ["unsupported-when-assigned"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in D-Link DIR-513 1.10. This affects the function formEasySetPassword of the file /goform/formEasySetPassword of the component Web Service. The manipulation of the argument curTime results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer."}, {"lang": "es", "value": "Una vulnerabilidad fue encontrada en D-Link DIR-513 1.10. Esto afecta la funci\u00f3n formEasySetPassword del archivo /goform/formEasySetPassword del componente Servicio Web. La manipulaci\u00f3n del argumento curTime resulta en desbordamiento de b\u00fafer basado en pila. El ataque puede ser realizado desde remoto. El exploit ha sido hecho p\u00fablico y podr\u00eda ser usado. Esta vulnerabilidad solo afecta productos que ya no son soportados por el mantenedor."}], "id": "CVE-2026-4486", "lastModified": "2026-04-03T19:35:51.653", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-03-20T14:16:16.907", "references": [{"source": "cna@vuldb.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/InfiniteLin/Lin-s-CVEdb/blob/main/DIR-513/formEasySetPassword/formEasySetPassword.md"}, {"source": "cna@vuldb.com", "tags": ["Exploit"], "url": "https://github.com/InfiniteLin/Lin-s-CVEdb/blob/main/DIR-513/formEasySetPassword/poc.py"}, {"source": "cna@vuldb.com", "tags": ["Permissions Required", "VDB Entry"], "url": "https://vuldb.com/?ctiid.352009"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?id.352009"}, {"source": "cna@vuldb.com", "tags": ["Issue Tracking", "VDB Entry"], "url": "https://vuldb.com/?submit.773537"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?submit.773566"}, {"source": "cna@vuldb.com", "tags": ["Product"], "url": "https://www.dlink.com/"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}, {"lang": "en", "value": "CWE-121"}], "source": "cna@vuldb.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.10"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "DIR-513", "source": "cna", "vendor": "D-Link"}, "product": "dir-513", "vendor": "d-link"}], "analysis": {"en": {"generated_at": "2026-04-03T22:54:43.134512+00:00", "value": {"mitigation_remediation": ["Block the /goform/formEasySetPassword URI on the router from external networks using firewall or ACL rules.", "Disable remote web administration or restrict it to the local network only via VPN or IP filtering.", "Replace the router with a supported model or install secure third\u2011party firmware that eliminates the vulnerability."], "summary": {"action": "Mitigate", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "Only devices with firmware 1.10 of the DIR\u2011513 series are vulnerable. That firmware version is no longer maintained by D\u2011Link and no official update is available. The affected devices run the DIR\u2011513 hardware in models a1 and a2.", "description_and_impact": "The formEasySetPassword endpoint on the /goform interface of the D\u2011Link DIR\u2011513 router contains a stack\u2011based buffer overflow. An attacker can send a malformed curTime parameter in an HTTP request. If the overflow occurs, the stack can be corrupted, allowing arbitrary code execution or a denial\u2011of\u2011service on the device. A proof\u2011of\u2011concept exploit has been released publicly.", "risk_and_exploitability": "The CVSS base score of 8.7 classifies the flaw as high severity. The EPSS score is below 1\u202f% and the vulnerability is not listed in CISA\u2019s KEV catalogue, yet the remote nature and public exploit mean that exposed routers are still at significant risk. An attacker only needs to send a crafted request to the /goform/formEasySetPassword path from outside the local network to trigger the overflow."}}}}, "created": "2026-03-20T16:27:13.420818+00:00", "updated": "2026-04-07T08:09:03.515505+00:00", "vendors": ["d-link", "d-link$PRODUCT$dir-513"]}