Skip to content
CVSS 7.2 · HIGH

CVE-2026-7851

A vulnerability was identified in D-Link DI-8100 16.07.26A1. This affects the function sprintf of the file yyxz.asp. The manipulation of the argument ID leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly available and might be used.

Ver en NVD

Análisis

This is a vendor-specific firmware vulnerability for a D-Link DI-8100 router. It involves a stack-based buffer overflow in a specific ASP page. While the severity is high and remote exploitation is possible, this hardware is not part of the standard web or mobile development stack used by the community.

Severidad

Puntaje: 7.2(HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AV: NETWORK
AC: LOW
PR: HIGH
UI: NONE
S: UNCHANGED
C: HIGH
I: HIGH
A: HIGH
Tipo de falla (CWE): CWE-119CWE-121

EPSS

Probabilidad de explotación (próx. 30 días): 0.0006 (0.1%)
Percentil: 17.1%
EPSS: 2026-05-06

Afecta

dlink:di-8100_firmwaredlink:di-8100

Descripción técnica

A vulnerability was identified in D-Link DI-8100 16.07.26A1. This affects the function sprintf of the file yyxz.asp. The manipulation of the argument ID leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly available and might be used.

Publicada: 5/5/2026, 18:16:03
Última modificación: 6/5/2026, 17:40:50

Referencias

InicioEventosBlogRecursosEquipo