CVE-2025-70226
Published: 04 March 2026
Description
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formEasySetupWizard.
Mitigating Controls (NIST 800-53 r5)AI
Directly mitigates the stack buffer overflow by enforcing validation of the curTime parameter in the goform/formEasySetupWizard endpoint.
Provides memory protections such as stack canaries and address space layout randomization to prevent exploitation of the stack buffer overflow vulnerability.
Requires timely remediation through firmware patching to eliminate the specific stack buffer overflow flaw in D-Link DIR-513 v1.10.
Security SummaryAI
CVE-2025-70226 is a stack buffer overflow vulnerability (CWE-121) in the D-Link DIR-513 router version 1.10. The flaw occurs in the handling of the curTime parameter sent to the goform/formEasySetupWizard endpoint. Published on 2026-03-04, it carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), marking it as critical due to its potential for severe impact.
An unauthenticated attacker with network access can exploit this vulnerability remotely with low attack complexity and no user interaction required. Exploitation could result in high confidentiality, integrity, and availability impacts, such as arbitrary code execution on the affected device.
Mitigation details and advisories are referenced in sources including a GitHub repository at https://github.com/akuma-QAQ/CVEreport/tree/main/D-link/CVE-2025-70226, the D-Link DIR-513 product support page at https://www.dlink.com.cn/techsupport/ProductInfo.aspx?m=DIR-513, and D-Link's security bulletin page at https://www.dlink.com/en/security-bulletin/.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Stack buffer overflow in unauthenticated web endpoint (goform/formEasySetupWizard) of public-facing router enables remote arbitrary code execution, directly facilitating T1190: Exploit Public-Facing Application.