CVE-2026-4486

CWE-119Buffer OverflowCWE-121Stack-based Buffer OverflowCWE-787Out-of-bounds Write3 documents3 sources
Severity
7.4HIGH
EPSS
0.1%
top 79.09%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
D-link Dir-513Dlink Dir-513 Firmware
Timeline
PublishedMar 20

Description

A vulnerability was found in D-Link DIR-513 1.10. This affects the function formEasySetPassword of the file /goform/formEasySetPassword of the component Web Service. The manipulation of the argument curTime results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

CVEListV5d-link/dir-5131.10

🔴Vulnerability Details

2
GHSA
GHSA-gpc6-qqr6-4rpw: A vulnerability was found in D-Link DIR-513 12026-03-20
CVEList
D-Link DIR-513 Web Service formEasySetPassword stack-based overflow2026-03-20
CVE-2026-4486 (HIGH CVSS 7.4) | A vulnerability was found in D-Link | cvebase.io