Severity
High
Analysis Summary
CVE-2025-8184 CVSS:8.8
A vulnerability was found in D-Link DIR-513 up to 1.10 and classified as critical. This issue affects the function formSetWanL2TPcallback of the file /goform/formSetWanL2TPtriggers of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2025-8169 CVSS:8.8
A vulnerability classified as critical has been found in D-Link DIR-513 1.10. This affects the function formSetWanPPTPcallback of the file /goform/formSetWanPPTPpath of the component HTTP POST Request Handler. The manipulation of the argument curTime leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2025-8168 CVSS:8.8
A vulnerability was found in D-Link DIR-513 1.10. It has been rated as critical. Affected by this issue is the function websAspInit of the file /goform/formSetWanPPPoE. The manipulation of the argument curTime leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Impact
- Buffer Overflow
Indicators of Compromise
CVE
CVE-2025-8184
CVE-2025-8169
CVE-2025-8168
Affected Vendors
- D-Link
Affected Products
- D-Link DIR-513 1.0
- D-Link DIR-513 1.1
- D-Link DIR-513 1.2
- D-Link DIR-513 1.3
- D-Link DIR-513 1.4
- D-Link DIR-513 1.5
- D-Link DIR-513 1.6
- D-Link DIR-513 1.7
- D-Link DIR-513 1.8
- D-Link DIR-513 1.9
- D-Link DIR-513 1.10
Remediation
Refer to D-Link Website for patch, upgrade, or suggested workaround information.