Home / Vulnerability Intelligence / CVE-2026-6013

CVE-2026-6013 - Vulnerability Analysis

HighCVSS: 8.8

Last Updated: April 10, 2026

D-Link DIR-513 - Buffer Overflow

Published: April 10, 2026Updated: April 10, 2026Remote Exploitable

Overview

D-Link DIR-513 1.10 contains a buffer overflow caused by manipulation of the "curTime" argument in /goform/formSetRoute POST Request Handler, letting remote attackers cause denial of service or code execution, exploit requires crafted POST request.

Severity & Score

Severity: High

CVSS Score: 8.8

Impact

Remote attackers can cause denial of service or execute arbitrary code, potentially compromising the device.

Mitigation

Upgrade to the latest supported version or replace the device as it is no longer maintained.

References

https://lavender-bicycle-a5a.notion.site/D-Link-DIR-513-formSetRoute-33153a41781f80f7aed1d3614c199d85?source=copy_link
https://vuldb.com/submit/791859
https://vuldb.com/vuln/356569
https://vuldb.com/vuln/356569/cti
https://www.dlink.com/

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2026-6013
Severity: High
CVSS Score: 8.8
Type: buffer_overflow
Status: new

CWE

CWE-119

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H