Skip to main content

D-Link EUVD-2026-21189

| CVE-2026-5981 HIGH
Classic Buffer Overflow (CWE-120)
2026-04-09 VulDB
D-Link Buffer Overflow
7.4
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
7.4 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

4
PoC Detected
Apr 09, 2026 - 22:16 vuln.today
Public exploit code
EUVD ID Assigned
Apr 09, 2026 - 21:45 euvd
EUVD-2026-21189
Analysis Generated
Apr 09, 2026 - 21:45 vuln.today
CVE Published
Apr 09, 2026 - 21:15 nvd
HIGH 7.4

DescriptionCVE.org

A vulnerability has been found in D-Link DIR-605L 2.13B01. This affects the function formAdvFirewall of the file /goform/formAdvFirewall of the component POST Request Handler. Such manipulation of the argument curTime leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

AnalysisAI

Buffer overflow in D-Link DIR-605L 2.13B01 wireless router enables remote authenticated attackers to execute arbitrary code via the formAdvFirewall function in POST request handler. Exploitation occurs through manipulation of the curTime parameter in /goform/formAdvFirewall endpoint. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts
Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Authenticate to DIR-605L web interface
Delivery
Send POST request to /goform/formAdvFirewall
Exploit
Inject oversized curTime parameter
Execution
Trigger buffer overflow in formAdvFirewall function
Impact
Execute arbitrary code on device
Sign in to reveal

Vulnerability AssessmentAI

Exploitation D-Link DIR-605L firmware version 2.13B01 or earlier. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment CVSS 7.4 severity is tempered by requirement for authenticated access (PR:L) and product end-of-life status. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario Authenticated attacker sends POST request to /goform/formAdvFirewall with oversized curTime parameter, triggering stack buffer overflow. Publicly available exploit code exists; execution requires valid credentials.
Remediation No vendor-released patch identified at time of analysis. … Detailed patch versions, workarounds, and compensating controls in full report.
Sign in to read full assessment

Recommended ActionAI

Within 24 hours: inventory all DIR-605L 2.13B01 devices across the network and classify by business criticality. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

More from same product – last 7 days

CVE-2026-12174 HIGH POC
7.4 Jun 13

Format string vulnerability in the D-Link DCS-935L 1.10.01 IP camera allows authenticated remote attackers to corrupt me

Share

EUVD-2026-21189 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy