← back
CVE-2026-5982

D-Link DIR-605L POST Request formAdvNetwork buffer overflow

CVSS 8.7 HIGHEPSS 0.7%CWE-119CWE-120
A vulnerability was found in D-Link DIR-605L 2.13B01. This vulnerability affects the function formAdvNetwork of the file /goform/formAdvNetwork of the component POST Request Handler. Performing a manipulation of the argument curTime results in buffer overflow. Remote exploitation of the attack is possible. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
Affected products
D-Link · DIR-605L
public PoCs found1
cve_referencelavender-bicycle-a5a.notion.site/D-Link-DIR-605L-formAdvNetwork-33153a41781f80f9a47bd5e073fc00ae?source=copy_linkunverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://lavender-bicycle-a5a.notion.site/D-Link-DIR-605L-formAdvNetwork-33153a41781f80f9a47bd5e073fc00ae?source=copy_linkhttps://vuldb.com/submit/791855https://vuldb.com/vuln/356536https://vuldb.com/vuln/356536/ctihttps://www.dlink.com/