EUVD-2026-21189
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4Description
A vulnerability has been found in D-Link DIR-605L 2.13B01. This affects the function formAdvFirewall of the file /goform/formAdvFirewall of the component POST Request Handler. Such manipulation of the argument curTime leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Analysis
Buffer overflow in D-Link DIR-605L 2.13B01 wireless router enables remote authenticated attackers to execute arbitrary code via the formAdvFirewall function in POST request handler. Exploitation occurs through manipulation of the curTime parameter in /goform/formAdvFirewall endpoint. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: inventory all DIR-605L 2.13B01 devices across the network and classify by business criticality. Within 7 days: restrict network access to affected devices (disable remote management, segment from critical systems, disable wireless if feasible) and begin replacement procurement. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today