CVE-2025-70234 Dlink — Exploit & Vulnerability Details CRITICAL

Parameter	Value
CVSS	9.8 (CRITICAL)
Type	CWE-787 (Out-of-bounds Write (Запись за границами))
Vendor	Dlink
Public PoC	No

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetQoS.

Attack Parameters

Attack Vector

Network

Атака возможна удалённо

Attack Complexity

Low

Легко эксплуатировать

Privileges Required

None

Права не нужны

User Interaction

None

Не нужно действие пользователя

Impact Assessment

Confidentiality

High

Полная утечка данных

Integrity

High

Полная модификация данных

Availability

High

Полный отказ в обслуживании

CVSS Vector v3.1

Weakness Type (CWE)

CWE-787 Out-of-bounds Write (Запись за границами)

Vulnerable Products 2

dlink:dir-513 dlink:dir-513_firmware

Known Affected Software Configurations 2

Configuration	From (including)	Up to (excluding)
Dlink Dir-513_Firmware cpe:2.3:o:dlink:dir-513_firmware:1.10:::::::*	—	—
Dlink Dir-513 cpe:2.3:h:dlink:dir-513:-:::::::*	—	—

References 3

https://github.com/akuma-QAQ/CVEreport/tree/main/D-link/CVE-2025-70234

cve@mitre.org

https://www.dlink.com.cn/techsupport/ProductInfo.aspx?m=DIR-513

cve@mitre.org

https://www.dlink.com/en/security-bulletin/

cve@mitre.org

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-3485

Dlink

8.9

CVE-2025-70240

Dlink

9.8

CVE-2025-70239

Dlink

9.8

CVE-2025-70241

Dlink

9.8

CVE-2025-70237

Dlink

9.8

Menu

CVE-2025-70234

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

Vulnerable Products 2

Known Affected Software Configurations 2

References 3

Related Vulnerabilities

CVE-2026-3485

CVE-2025-70240

CVE-2025-70239

CVE-2025-70241

CVE-2025-70237

CVE Details

Editor's Choice