CVE-2013-6027

D-Link DIR-100 - Authenticated Stack-Based Buffer Overflow via Ping Diagnostic Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-6027. PoCs published by Craig Heffner.

AI-analyzed exploit summary This exploit targets a stack-based buffer overflow in multiple D-Link and PLANEX routers via the 'Tools/tools_misc.xgi' endpoint. It bypasses authentication using a backdoor User-Agent and executes a MIPS shellcode payload to trigger a reboot or arbitrary code execution.

Description

Stack-based buffer overflow in the RuntimeDiagnosticPing function in /bin/webs on D-Link DIR-100 routers might allow remote authenticated administrators to execute arbitrary commands via a long set/runtime/diagnostic/pingIp parameter to Tools/tools_misc.xgi.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Craig Heffner · pythonremotehardware
https://www.exploit-db.com/exploits/38810

This exploit targets a stack-based buffer overflow in multiple D-Link and PLANEX routers via the 'Tools/tools_misc.xgi' endpoint. It bypasses authentication using a backdoor User-Agent and executes a MIPS shellcode payload to trigger a reboot or arbitrary code execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: D-Link DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604, DIR-100, TM-G5240; PLANEX COMMUNICATIONS BRL-04UR, BRL-04R, BRL-04CW
No auth needed
Prerequisites: Network access to the target device · Vulnerable firmware version
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Exploit x_refsource_misc
http://pastebin.com/raw.php?i=vbiG42VD
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/248083

Scores

EPSS 0.0484
EPSS Percentile 90.9%

Details

CWE
CWE-119
Status published
Products (1)
dlink/dir-100
Published Oct 19, 2013
Tracked Since Feb 18, 2026