D-Link DI-8100 HTTP Request menu_nat.asp stack-based overflow

July 18, 2025 invoker category_cve

CVE Details

Basic Information

Title	D-Link DI-8100 HTTP Request menu_nat.asp stack-based overflow
Type	cve
Published	2025-07-18T15:32:06.709Z
Modified	2025-07-18T15:32:06.709Z

Product Information

Vendor	D-Link
Product	DI-8100
Version	16.07.26A1

CVSS Information

Base Score	8.7 (HIGH)
Attack Vector	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Affected Products

D-Link DI-8100 16.07.26A1

Additional Information

CWE List	CWE-121, CWE-119
Source	VulDB

Description

A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been classified as critical. This affects an unknown part of the file /menu_nat.asp of the component HTTP Request Handler. The manipulation of the argument out_addr/in_addr/out_port/proto leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

References

https://vuldb.com/?id.316851
https://vuldb.com/?ctiid.316851
https://vuldb.com/?submit.616196
https://github.com/XiDP0/MyCVE/blob/main/CVE/D-Link%20DI_8100-16.07.26A1/menu_nat_asp/menu_nat_asp.md
https://www.dlink.com/

View Full CVE Details