A vulnerability was detected in D-Link DIR-605L 2.13B01. Affected by this vulnerability is the function formVirtualServ of the file /goform/formVirtualServ of the component POST Request Handler. The manipulation of the argument curTime results in buffer overflow. The attack can be launched remotely. The exploit is now public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
References
| Link | Resource |
|---|---|
| https://lavender-bicycle-a5a.notion.site/D-Link-DIR-605L-formVirtualServ-33153a41781f80b496e1de206077bc7e?source=copy_link | Exploit Third Party Advisory |
| https://vuldb.com/submit/791852 | Third Party Advisory VDB Entry |
| https://vuldb.com/vuln/356533 | Third Party Advisory VDB Entry |
| https://vuldb.com/vuln/356533/cti | Permissions Required VDB Entry |
| https://www.dlink.com/ | Product |
Configurations
Configuration 1 (hide)
| AND |
|
History
30 Apr 2026, 15:34
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:o:dlink:dir-605l_firmware:2.13b01:*:*:*:*:*:*:* cpe:2.3:h:dlink:dir-605l:-:*:*:*:*:*:*:* |
|
| First Time |
Dlink dir-605l
Dlink Dlink dir-605l Firmware |
|
| References | () https://lavender-bicycle-a5a.notion.site/D-Link-DIR-605L-formVirtualServ-33153a41781f80b496e1de206077bc7e?source=copy_link - Exploit, Third Party Advisory | |
| References | () https://vuldb.com/submit/791852 - Third Party Advisory, VDB Entry | |
| References | () https://vuldb.com/vuln/356533 - Third Party Advisory, VDB Entry | |
| References | () https://vuldb.com/vuln/356533/cti - Permissions Required, VDB Entry | |
| References | () https://www.dlink.com/ - Product |
09 Apr 2026, 21:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-04-09 21:16
Updated : 2026-04-30 15:34
NVD link : CVE-2026-5979
Mitre link : CVE-2026-5979
CVE.ORG link : CVE-2026-5979
JSON object : View
Products Affected
dlink
- dir-605l
- dir-605l_firmware