CVE-2025-70237 - Vulnerability Analysis
CriticalCVSS: 9.8Last Updated: March 4, 2026
D-Link DIR-513 - Buffer Overflow
Published: March 3, 2026Updated: March 4, 2026PoC AvailableRemote Exploitable
Overview
D-Link DIR-513 v1.10 contains a stack buffer overflow caused by improper handling of the curTime parameter in goform/formSetPortTr, letting attackers execute arbitrary code remotely, exploit requires crafted request.
Severity & Score
Severity: Critical
CVSS Score: 9.8
EPSS Score: 6.4%(Probability of exploitation in next 30 days)
Impact
Attackers can execute arbitrary code remotely, potentially leading to full system compromise.
Mitigation
Update to the latest firmware version.
References
Social Media Activity(1 post)
TheHackerWire
@thehackerwire
š“ CVE-2025-70237 - Critical (9.8) Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetPortTr. š https://www.thehackerwire.com/vulnerability/CVE-2025-70237/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postRelated Resources
Details
- CVE ID
- CVE-2025-70237
- Severity
- Critical
- CVSS Score
- 9.8
- Type
- buffer_overflow
- Status
- modified
- EPSS
- 6.4%
- Social Posts
- 1
CWE
- CWE-787
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
6.4%Probability of exploitation in the next 30 days