CVE 8.6 HIGH

D-Link DI-8100 Web Management url_member.asp buffer overflow_CVE-2026-7856

May 5, 2026 invoker category_cve

8.6 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A flaw has been found in D-Link DI-8100 16.07.26A1. This affects an unknown part of the file /url_member.asp of the component Web Management Interface. Executing a manipulation of the argument Name can lead to buffer overflow. The attack can be launched remotely. The exploit has been published and may be used.

AI Analysis

Buffer overflow vulnerability in D-Link DI-8100 Web Management Interface via manipulation of the Name argument in /url_member.asp

Basic Information

ID CVE-2026-7856

Source VulDB

Published May 5, 2026 at 19:00

Affected Product

Vendor D-Link

Product DI-8100

Version 16.07.26A1

Affected Versions D-Link DI-8100 16.07.26A1

CWE Classification

CWE-120 CWE-119

AI Assessment

AI Score 8.6 / 10

AI Severity High

Vendor D-Link

Product DI-8100

Version 16.07.26A1

References

{
    "lastseen": "",
    "description": "A flaw has been found in D-Link DI-8100 16.07.26A1. This affects an unknown part of the file /url_member.asp of the component Web Management Interface. Executing a manipulation of the argument Name can lead to buffer overflow. The attack can be launched remotely. The exploit has been published and may be used.",
    "published": "2026-05-05T19:00:14.098Z",
    "modified": "2026-05-05T19:00:14.098Z",
    "type": "cve",
    "title": "D-Link DI-8100 Web Management url_member.asp buffer overflow",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/361133\nhttps://vuldb.com/vuln/361133/cti\nhttps://vuldb.com/submit/807849\nhttps://github.com/draw-ctf/report/blob/main/DI-8100/url_member_asp_overflow.md\nhttps://www.dlink.com/",
    "id": "CVE-2026-7856",
    "bulletinFamily": "",
    "cwe": [
        "CWE-120",
        "CWE-119"
    ],
    "cvelist": null,
    "sourceData": "D-Link DI-8100 16.07.26A1",
    "sourceHref": "",
    "cvss": {
        "score": 8.6,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "DI-8100",
    "version": "16.07.26A1",
    "vendor": "D-Link",
    "ai_description": "Buffer overflow vulnerability in D-Link DI-8100 Web Management Interface via manipulation of the Name argument in /url_member.asp",
    "ai_severity": "High",
    "ai_vendor": "D-Link",
    "ai_product": "DI-8100",
    "ai_version": "16.07.26A1",
    "ai_score": 8.6
}

💭 Join the Security Discussion ❌ Cancel Reply