Skip to content
CVSS 7.2 · HIGH

CVE-2026-7851

A vulnerability was identified in D-Link DI-8100 16.07.26A1. This affects the function sprintf of the file yyxz.asp. The manipulation of the argument ID leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly available and might be used.

View on NVD

Analysis

This is a vendor-specific firmware vulnerability for a D-Link DI-8100 router. It involves a stack-based buffer overflow in a specific ASP page. While the severity is high and remote exploitation is possible, this hardware is not part of the standard web or mobile development stack used by the community.

Severity

Score: 7.2(HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AV: NETWORK
AC: LOW
PR: HIGH
UI: NONE
S: UNCHANGED
C: HIGH
I: HIGH
A: HIGH
Weakness (CWE): CWE-119CWE-121

EPSS

Probability of exploitation (next 30 days): 0.0006 (0.1%)
Percentile: 17.1%
EPSS: 2026-05-06

Affects

dlink:di-8100_firmwaredlink:di-8100

Technical description

A vulnerability was identified in D-Link DI-8100 16.07.26A1. This affects the function sprintf of the file yyxz.asp. The manipulation of the argument ID leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly available and might be used.

Published: 5/5/2026, 6:16:03 PM
Last modified: 5/6/2026, 5:40:50 PM

References

HomeEventsBlogResourcesTeam