Which versions of D-Link are affected by CVE-2026-6012?

CVE-2026-6012 affects end-of-life D-Link DIR-513 wireless routers, allowing authenticated attackers with low-privilege credentials to execute arbitrary code remotely through a buffer overflow…

Is there a public PoC exploit available for CVE-2026-6012?

Yes, a public proof-of-concept exploit is available for CVE-2026-6012. Prioritise patching immediately. EPSS: 0.0%.

How to fix or mitigate CVE-2026-6012?

Within 24 hours: Inventory all D-Link DIR-513 1.10 devices on the network and isolate or disable any units found. Within 7 days: Implement network segmentation to restrict management access to DIR-513 devices and enforce strong authentication policies to limit credential compromise. Within 30 days: Replace all DIR-513 units with supported router models from an active vendor; if immediate replacement is unavailable, air-gap affected devices or place behind a monitored network boundary with restricted outbound access.

D-Link CVE-2026-6012

Q: What is the CVSS score of CVE-2026-6012?

CVE-2026-6012 has a CVSS 4.0 base score of 7.4 (High). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

EUVD-2026-21307 HIGH

Classic Buffer Overflow (CWE-120)

2026-04-10 VulDB

GHSA-x6gx-rmhg-wc3f

D-Link Buffer Overflow

7.4

CVSS 4.0 · NVD

Severity by source

NVD PRIMARY

7.4 HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Lifecycle Timeline

PoC Detected

Apr 10, 2026 - 05:16 vuln.today

Public exploit code

EUVD ID Assigned

Apr 10, 2026 - 04:45 euvd

EUVD-2026-21307

Analysis Generated

Apr 10, 2026 - 04:45 vuln.today

CVE Published

Apr 10, 2026 - 04:00 nvd

HIGH 7.4

DescriptionCVE.org

A security vulnerability has been detected in D-Link DIR-513 1.10. This affects the function formSetPassword of the file /goform/formSetPassword of the component POST Request Handler. The manipulation of the argument curTime leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

AnalysisAI

Buffer overflow in D-Link DIR-513 1.10 formSetPassword function allows authenticated remote attackers to achieve arbitrary code execution with high confidentiality, integrity, and availability impact. Exploitation occurs through POST request manipulation of the curTime parameter in /goform/formSetPassword endpoint. …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Authenticate to D-Link DIR-513 router

Delivery

POST request to /goform/formSetPassword

Exploit

Inject oversized curTime parameter

Execution

Trigger buffer overflow

Impact

Execute arbitrary code

Access

Authenticate to D-Link DIR-513 router

Delivery

POST request to /goform/formSetPassword

Exploit

Inject oversized curTime parameter

Execution

Trigger buffer overflow

Impact

Execute arbitrary code

Vulnerability AssessmentAI

Exploitation	D-Link DIR-513 firmware version 1.10 (end-of-life product). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment	CVSS 8.8 with high confidentiality, integrity, and availability impact. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	Attacker with valid credentials sends POST request to /goform/formSetPassword with oversized curTime payload, causing buffer overflow. Public exploit code available enables straightforward execution; low complexity due to network accessibility and lack of user interaction required.
Remediation	No vendor-released patch identified at time of analysis. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Inventory all D-Link DIR-513 1.10 devices on the network and isolate or disable any units found. …

Threat intelligence, references, and detailed analysis are available after sign-in.

More from same product – last 7 days

CVE-2026-12174 HIGH This Week POC

7.4 Jun 13

Format string vulnerability in the D-Link DCS-935L 1.10.01 IP camera allows authenticated remote attackers to corrupt me

CVE-2026-6012 vulnerability details – vuln.today

Back