CVE-2025-70238
Published: 09 March 2026
Summary
CVE-2025-70238 is a high-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Dlink Dir-513 Firmware. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 26.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
CVE-2025-70238 is a stack buffer overflow vulnerability (CWE-121) in D-Link DIR-513 router version 1.10. The flaw occurs via the curTime parameter sent to the goform/formSetWAN_Wizard52 endpoint. It carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) and was published on 2026-03-09T15:15:52.460.
Unauthenticated attackers can exploit this vulnerability remotely over the network with low attack complexity and no user interaction. Exploitation results in high availability impact, enabling denial-of-service conditions such as device crashes, while confidentiality and integrity remain unaffected.
Mitigation details are available in vendor advisories, including the D-Link security bulletin at https://www.dlink.com/en/security-bulletin/, the DIR-513 product support page at https://www.dlink.com.cn/techsupport/ProductInfo.aspx?m=DIR-513, and a GitHub CVE report at https://github.com/akuma-QAQ/CVEreport/tree/main/D-link/CVE-2025-70238.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-208417
Vulnerability details
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWAN_Wizard52.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Remote unauthenticated exploitation of web management interface (public-facing app) via crafted parameter causing stack overflow and device crash/DoS.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Timely application of vendor patches from the D-Link security bulletin directly remediates the stack buffer overflow flaw in CVE-2025-70238.
Validates the curTime parameter at the goform/formSetWAN_Wizard52 endpoint to prevent the stack buffer overflow exploitation.
Implements memory protections such as stack canaries to safeguard against stack buffer overflow vulnerabilities like CVE-2025-70238.