Home / Vulnerability Intelligence / CVE-2025-70236

CVE-2025-70236 - Vulnerability Analysis

CriticalCVSS: 9.8

Last Updated: March 4, 2026

D-Link DIR-513 - Buffer Overflow

Published: March 3, 2026Updated: March 4, 2026PoC AvailableRemote Exploitable

Overview

D-Link DIR-513 v1.10 contains a stack buffer overflow caused by improper handling of the curTime parameter in goform/formSetDomainFilter, letting remote attackers cause memory corruption, exploit requires crafted request.

Severity & Score

Severity: Critical

CVSS Score: 9.8

EPSS Score: 4.7%(Probability of exploitation in next 30 days)

Impact

Remote attackers can cause memory corruption leading to potential code execution or device crash.

Mitigation

Update to the latest firmware version provided by D-Link.

References

Social Media Activity(1 post)

TheHackerWire

@thehackerwire

Mar 4, 2026

🔴 CVE-2025-70236 - Critical (9.8) Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetDomainFilter. 🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-70236/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

Related Resources

Details

CVE ID: CVE-2025-70236
Severity: Critical
CVSS Score: 9.8
Type: buffer_overflow
Status: modified
EPSS: 4.7%
Social Posts: 1

CWE

CWE-787
CWE-121

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

4.7%Probability of exploitation in the next 30 days