Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.8
D-Link DIR-513 Version 1.10 Allows Unauthorized Code Execution
CVE-2025-70231
Summary
A security issue in D-Link DIR-513 version 1.10 allows an attacker to potentially execute unauthorized code on the device. This is a serious problem because it could allow an attacker to take control of the device. To fix this, update to the latest version of the firmware.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| dlink | dir-513_firmware | 1.10 | – |
Original title
D-Link DIR-513 version 1.10 contains a critical-level vulnerability. When processing POST requests related to verification codes in /goform/formLogin, it enters /goform/getAuthCode but fails to fil...
Original description
D-Link DIR-513 version 1.10 contains a critical-level vulnerability. When processing POST requests related to verification codes in /goform/formLogin, it enters /goform/getAuthCode but fails to filter the value of the FILECODE parameter, resulting in a path traversal vulnerability.
nvd CVSS3.1
9.8
Vulnerability type
CWE-22
Path Traversal
- https://github.com/akuma-QAQ/CVEreport/tree/main/D-link/CVE-2025-70231 Exploit Third Party Advisory
- https://www.dlink.com.cn/techsupport/ProductInfo.aspx?m=DIR-513 Product
- https://www.dlink.com/en/security-bulletin/ Vendor Advisory
Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026