CVE-2026-3978 - Vulnerability Analysis
HighCVSS: 8.8Last Updated: March 12, 2026
D-Link DIR-513 - Buffer Overflow
Overview
D-Link DIR-513 1.10 contains a buffer overflow caused by manipulation of the "wan_connected" argument in /goform/formEasySetupWizard3, letting remote attackers cause a stack-based buffer overflow, exploit requires no special privileges.
Severity & Score
Impact
Remote attackers can cause a stack-based buffer overflow, potentially leading to remote code execution or device crash.
Mitigation
Update to the latest firmware version available from D-Link.
References
Social Media Activity(2 posts)
š CVE-2026-3978 - High (8.8) A vulnerability was detected in D-Link DIR-513 1.10. The impacted element is an unknown function of the file /goform/formEasySetupWizard3. The manipulation of the argument wan_connected results in stack-based buffer overflow. The attack can be lau... š https://www.thehackerwire.com/vulnerability/CVE-2026-3978/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postš CVE-2026-3978 - High (8.8) A vulnerability was detected in D-Link DIR-513 1.10. The impacted element is an unknown function of the file /goform/formEasySetupWizard3. The manipulation of the argument wan_connected results in stack-based buffer overflow. The attack can be lau... š https://www.thehackerwire.com/vulnerability/CVE-2026-3978/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postRelated Resources
Details
- CVE ID
- CVE-2026-3978
- Severity
- High
- CVSS Score
- 8.8
- Type
- buffer_overflow
- Status
- unconfirmed
- EPSS
- 4.5%
- Social Posts
- 2
CWE
- CWE-119
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H