CVE-2025-70220

D-Link · DIR-513

A stack buffer overflow in D-Link DIR-513 v1.10 via the curTime parameter in formAutoDetecWAN_wizard4 allows unauthenticated attackers to potentially execute code.

Executive summary

The D-Link DIR-513 router is vulnerable to a critical stack buffer overflow that could allow unauthenticated remote attackers to execute arbitrary code and seize control of the device.

Vulnerability

A stack-based buffer overflow exists in the goform/formAutoDetecWAN_wizard4 endpoint. By sending an overlong string to the curTime parameter, an unauthenticated remote attacker can overflow the stack, leading to a denial of service or arbitrary code execution.

Business impact

With a CVSS score of 9.8, this vulnerability poses a severe threat to network security. An attacker who gains control of the router can redirect traffic, perform man-in-the-middle attacks, or use the device as a jumping-off point for attacks on the internal network. This could lead to the compromise of all connected devices and sensitive data.

Remediation

Immediate Action: Update the D-Link DIR-513 firmware to the latest available version or replace the device if it has reached end-of-life (EOL).

Proactive Monitoring: Monitor the router for frequent reboots or unusual configuration changes, which may indicate exploitation attempts.

Compensating Controls: Disable remote management of the router and ensure the web interface is only accessible from the local network.
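One way to act on the monitoring and compensating-control advice above, as an added example that is not part of the original advisory or any vendor tooling: a Python check over HTTP request records from a proxy or IDS placed in front of the router. The event schema, the 32-character limit, the LAN subnet and the sample events are assumptions constructed for illustration.

```python
import ipaddress
from urllib.parse import parse_qs, urlsplit

ENDPOINT = "/goform/formAutoDetecWAN_wizard4"  # endpoint named in the advisory
PARAM = "curTime"                              # parameter named in the advisory
MAX_LEN = 32                                   # assumption: legitimate values are far shorter
LAN = ipaddress.ip_network("192.168.0.0/24")   # assumption: the router's LAN subnet


def inspect(event):
    """Return a list of findings for one HTTP request record.

    `event` is a dict with src, url and body keys (hypothetical schema,
    roughly what a reverse proxy or IDS HTTP log provides).
    """
    parts = urlsplit(event["url"])
    if parts.path.rstrip("/") != ENDPOINT:
        return []
    findings = []
    # The parameter can arrive in the query string or a form-encoded body.
    params = parse_qs(parts.query, keep_blank_values=True)
    for key, values in parse_qs(event.get("body", ""), keep_blank_values=True).items():
        params.setdefault(key, []).extend(values)
    for value in params.get(PARAM, []):
        if len(value) > MAX_LEN:
            findings.append(f"oversized {PARAM} ({len(value)} chars)")
    # Compensating-control check: only LAN clients should reach the web interface.
    if ipaddress.ip_address(event["src"]) not in LAN:
        findings.append(f"request from non-local address {event['src']}")
    return findings


# Constructed sample events, not captured traffic.
SAMPLE = [
    {"src": "192.168.0.23", "url": ENDPOINT, "body": "curTime=1718000000000"},
    {"src": "192.168.0.57", "url": ENDPOINT, "body": "curTime=" + "0" * 600},
    {"src": "203.0.113.9", "url": ENDPOINT, "body": "curTime=1718000000000"},
    {"src": "192.168.0.23", "url": "/index.html", "body": ""},
]

if __name__ == "__main__":
    for ev in SAMPLE:
        for finding in inspect(ev):
            print(ev["src"], ev["url"], finding)
```

Tune `MAX_LEN` and `LAN` to the values observed on your own network before alerting on the output.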

Exploitation status

Public Exploit Available: false

Analyst recommendation

D-Link routers are common targets for automated attacks. It is critical to apply the latest firmware updates immediately. If the device is no longer supported by the vendor, it should be decommissioned and replaced with a modern, supported alternative to mitigate the risk of remote takeover.