CVE 8.6 HIGH

D-Link DI-8100 CGI user_group.asp sprintf buffer overflow_CVE-2026-7857

May 5, 2026 invoker category_cve

8.6 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A vulnerability has been found in D-Link DI-8100 16.07.26A1. This vulnerability affects the function sprintf of the file /user_group.asp of the component CGI Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

AI Analysis

Buffer overflow vulnerability in the CGI Handler of D-Link DI-8100 via the user_group.asp file

Basic Information

ID CVE-2026-7857

Source VulDB

Published May 5, 2026 at 19:15

Affected Product

Vendor D-Link

Product DI-8100

Version 16.07.26A1

Affected Versions D-Link DI-8100 16.07.26A1

CWE Classification

CWE-120 CWE-119

AI Assessment

AI Score 8.6 / 10

AI Severity High

Vendor D-Link

Product DI-8100

Version 16.07.26A1

References

{
    "lastseen": "",
    "description": "A vulnerability has been found in D-Link DI-8100 16.07.26A1. This vulnerability affects the function sprintf of the file /user_group.asp of the component CGI Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.",
    "published": "2026-05-05T19:15:13.939Z",
    "modified": "2026-05-05T19:15:13.939Z",
    "type": "cve",
    "title": "D-Link DI-8100 CGI user_group.asp sprintf buffer overflow",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/361134\nhttps://vuldb.com/vuln/361134/cti\nhttps://vuldb.com/submit/807853\nhttps://github.com/draw-ctf/report/blob/main/DI-8100/user_group_asp_overflow.md\nhttps://www.dlink.com/",
    "id": "CVE-2026-7857",
    "bulletinFamily": "",
    "cwe": [
        "CWE-120",
        "CWE-119"
    ],
    "cvelist": null,
    "sourceData": "D-Link DI-8100 16.07.26A1",
    "sourceHref": "",
    "cvss": {
        "score": 8.6,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "DI-8100",
    "version": "16.07.26A1",
    "vendor": "D-Link",
    "ai_description": "Buffer overflow vulnerability in the CGI Handler of D-Link DI-8100 via the user_group.asp file",
    "ai_severity": "High",
    "ai_vendor": "D-Link",
    "ai_product": "DI-8100",
    "ai_version": "16.07.26A1",
    "ai_score": 8.6
}

💭 Join the Security Discussion ❌ Cancel Reply