A vulnerability classified as critical has been found in D-Link DIR-513 1.10. This affects the function formSetWanPPTPcallback of the file /goform/formSetWanPPTPpath of the component HTTP POST Request Handler. The manipulation of the argument curTime leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
References
Link | Resource |
---|---|
https://github.com/InfiniteLin/Lin-s-CVEdb/blob/main/DIR-513/formSetWanPPPoE.md | Exploit Third Party Advisory |
https://vuldb.com/?ctiid.317583 | Permissions Required VDB Entry |
https://vuldb.com/?id.317583 | Third Party Advisory VDB Entry |
https://vuldb.com/?submit.620817 | Third Party Advisory VDB Entry |
https://www.dlink.com/ | Product |
Configurations
Configuration 1 (hide)
AND |
|
History
31 Jul 2025, 17:27
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/InfiniteLin/Lin-s-CVEdb/blob/main/DIR-513/formSetWanPPPoE.md - Exploit, Third Party Advisory | |
References | () https://vuldb.com/?ctiid.317583 - Permissions Required, VDB Entry | |
References | () https://vuldb.com/?id.317583 - Third Party Advisory, VDB Entry | |
References | () https://vuldb.com/?submit.620817 - Third Party Advisory, VDB Entry | |
References | () https://www.dlink.com/ - Product | |
First Time |
Dlink dir-513 Firmware
Dlink dir-513 Dlink |
|
CPE | cpe:2.3:o:dlink:dir-513_firmware:1.10:*:*:*:*:*:*:* cpe:2.3:h:dlink:dir-513:a1:*:*:*:*:*:*:* cpe:2.3:h:dlink:dir-513:a2:*:*:*:*:*:*:* |
|
CWE | CWE-787 |
29 Jul 2025, 14:14
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
25 Jul 2025, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-07-25 21:15
Updated : 2025-07-31 17:27
NVD link : CVE-2025-8169
Mitre link : CVE-2025-8169
CVE.ORG link : CVE-2025-8169
JSON object : View
Products Affected
dlink
- dir-513_firmware
- dir-513