A buffer overflow in the vobsub_get_subpic_duration() function of GPAC v2
Description
A buffer overflow in the vobsub_get_subpic_duration() function of GPAC v2
Remediation
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
---METADATA---
VENDOR: D-Link
PRODUCT: DIR-513
AFFECTED_VERSIONS: v1.10
---END_METADATA---
Description Summary:
A stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter in formAdvNetwork allows unauthenticated attackers to potentially execute arbitrary code.
Executive Summary:
D-Link DIR-513 routers contain a critical stack buffer overflow vulnerability in the advanced network configuration form, allowing unauthenticated attackers to gain remote control.
Vulnerability Details
CVE-ID: CVE-2025-70223
Affected Software: D-Link DIR-513
Affected Versions: v1.10
Vulnerability: This is a stack-based buffer overflow vulnerability in the
goform/formAdvNetworkendpoint. An unauthenticated remote attacker can exploit this by providing an excessively long value to thecurTimeparameter, causing memory corruption and potentially allowing for arbitrary code execution.Business Impact
This vulnerability carries a CVSS score of 9.8, signifying a critical risk to the network perimeter. Successful exploitation allows for complete device takeover, enabling attackers to intercept sensitive communications, disrupt internet connectivity, and pivot to other systems within the internal network environment.
Remediation Plan
Immediate Action: Apply the latest firmware update from D-Link for the DIR-513 router to patch the vulnerable
goformendpoints.Proactive Monitoring: Audit network logs for suspicious POST requests to the
/goform/directory and monitor for unauthorized administrative access to the router.Compensating Controls: Restrict access to the router’s web management interface and implement strong firewall rules to limit exposure of the device to the public internet.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of March 4, 2026, there is no public information indicating active exploitation. Stack overflows in web-facing parameters are a classic and highly effective attack vector for home and small-office routers.
Analyst Recommendation
Immediate action is required to patch or replace the affected D-Link DIR-513 routers. Because this vulnerability can be exploited without authentication, it represents a high-priority risk that could lead to the full compromise of the local network infrastructure.