CVE-2025-70219
Published: 04 March 2026
Description
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the goform/formDeviceReboot.
Mitigating Controls (NIST 800-53 r5)AI
Validates inputs to the goform/formDeviceReboot endpoint to prevent stack buffer overflows from malformed remote requests.
Implements memory protections like stack canaries and ASLR to block arbitrary code execution even if the buffer overflow occurs.
Requires timely patching of the known stack buffer overflow flaw in D-Link DIR-513 v1.10 firmware.
Security SummaryAI
CVE-2025-70219, published on 2026-03-04, is a stack buffer overflow vulnerability (CWE-121) in the D-Link DIR-513 router version 1.10. The flaw resides in the goform/formDeviceReboot web interface endpoint, which can be triggered remotely to overflow the stack.
The vulnerability carries a CVSS v3.1 base score of 9.8 (Critical), with attack vector of network (AV:N), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), and unchanged scope (S:U). Remote attackers can exploit it without authentication to achieve high impacts on confidentiality (C:H), integrity (I:H), and availability (A:H), potentially enabling arbitrary code execution and full device compromise.
Mitigation guidance and patches are detailed in D-Link's security bulletin at https://www.dlink.com/en/security-bulletin/, the DIR-513 product support page at https://www.dlink.com.cn/techsupport/ProductInfo.aspx?m=DIR-513, and a GitHub CVE report at https://github.com/akuma-QAQ/CVEreport/tree/main/D-link/CVE-2025-70219.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The vulnerability is a remotely exploitable stack buffer overflow in the public-facing web interface of a router, enabling arbitrary code execution without authentication, directly mapping to exploitation of public-facing applications.