CVE 9.3 CRITICAL

D-Link DI-8100 HTTP auto_reboot.asp sprintf buffer overflow_CVE-2026-7853

May 5, 2026 invoker category_cve

9.3 / 10

CRITICAL

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A weakness has been identified in D-Link DI-8100 16.07.26A1. Affected is the function sprintf of the file /auto_reboot.asp of the component HTTP Handler. This manipulation of the argument enable/time causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks.

AI Analysis

Buffer overflow vulnerability in D-Link DI-8100's HTTP Handler via the auto_reboot.asp file

Basic Information

ID CVE-2026-7853

Source VulDB

Published May 5, 2026 at 17:45

Modified May 5, 2026 at 18:46

Affected Product

Vendor D-Link

Product DI-8100

Version 16.07.26A1

Affected Versions D-Link DI-8100 16.07.26A1

CWE Classification

CWE-120 CWE-119

AI Assessment

AI Score 9.3 / 10

AI Severity Critical

Vendor D-Link

Product DI-8100

Version 16.07.26A1

References

{
    "lastseen": "",
    "description": "A weakness has been identified in D-Link DI-8100 16.07.26A1. Affected is the function sprintf of the file /auto_reboot.asp of the component HTTP Handler. This manipulation of the argument enable/time causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks.",
    "published": "2026-05-05T17:45:14.044Z",
    "modified": "2026-05-05T18:46:18.528Z",
    "type": "cve",
    "title": "D-Link DI-8100 HTTP auto_reboot.asp sprintf buffer overflow",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/361130\nhttps://vuldb.com/vuln/361130/cti\nhttps://vuldb.com/submit/807837\nhttps://github.com/draw-ctf/report/blob/main/DI-8100/auto_reboot_asp_overflow.md\nhttps://www.dlink.com/",
    "id": "CVE-2026-7853",
    "bulletinFamily": "",
    "cwe": [
        "CWE-120",
        "CWE-119"
    ],
    "cvelist": null,
    "sourceData": "D-Link DI-8100 16.07.26A1",
    "sourceHref": "",
    "cvss": {
        "score": 9.3,
        "severity": "CRITICAL",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "DI-8100",
    "version": "16.07.26A1",
    "vendor": "D-Link",
    "ai_description": "Buffer overflow vulnerability in D-Link DI-8100's HTTP Handler via the auto_reboot.asp file",
    "ai_severity": "Critical",
    "ai_vendor": "D-Link",
    "ai_product": "DI-8100",
    "ai_version": "16.07.26A1",
    "ai_score": 9.3
}

💭 Join the Security Discussion ❌ Cancel Reply