Attackinglin

**Name of the Vulnerable Software and Affected Versions** D-Link DIR-513 version 1.10 **Description** A flaw exists in D-Link DIR-513 version 1.10 that allows remote OS command injection. The issue is located in an unknown function of the `/goform/formSysCmd` file. Manipulating the `sysCmd` argument can lead to the execution of arbitrary operating system commands. The exploit for this issue has been published. This vulnerability affects products that are no longer supported by the maintainer. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link DIR-513 version 1.10 **Description** A stack-based buffer overflow exists in the Web Service component of D-Link DIR-513 version 1.10. The issue is located in the `formEasySetPassword` function within the `/goform/formEasySetPassword` file. Manipulation of the `curTime` argument can trigger the overflow. This issue can be exploited remotely and an exploit has been made public. The vulnerability affects products that are no longer supported by the maintainer. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link DIR-513 version 1.10 **Description** A critical vulnerability exists due to a buffer overflow in the `formSetWanPPTPcallback` function within the `/goform/formSetWanPPTPpath` file of the HTTP POST Request Handler component. The vulnerability is triggered by manipulating the `curTime` argument, allowing for remote exploitation. The exploit has been publicly disclosed. This issue affects products that are no longer supported by the maintainer. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link DIR-513 version 1.10 **Description** A critical issue exists in the `websAspInit` function of the `/goform/formSetWanPPPoE` file. Manipulation of the `curTime` argument can lead to a buffer overflow. This issue can be exploited remotely. The exploit has been publicly disclosed. This vulnerability affects products that are no longer supported by the maintainer. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link DIR-513 versions up to 1.10 **Description** A critical vulnerability exists in D-Link DIR-513. The issue is a stack-based buffer overflow within the `formSetWanL2TPcallback` function, located in the `/goform/formSetWanL2TPtriggers` file of the HTTP POST Request Handler component. The attack can be initiated remotely. **Recommendations** D-Link DIR-513 versions up to 1.10: At the moment, there is no information about a newer version that contains a fix for this vulnerability.