Skip to content
CVSS 7.2 · HIGH

CVE-2026-7857

A vulnerability has been found in D-Link DI-8100 16.07.26A1. This vulnerability affects the function sprintf of the file /user_group.asp of the component CGI Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Ver en NVD

Análisis

This vulnerability is a remote buffer overflow affecting the CGI handler in specific D-Link DI-8100 router firmware. As it is limited to vendor-specific hardware firmware and does not impact general software development tools or server infrastructure, it does not warrant community attention.

Severidad

Puntaje: 7.2(HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AV: NETWORK
AC: LOW
PR: HIGH
UI: NONE
S: UNCHANGED
C: HIGH
I: HIGH
A: HIGH
Tipo de falla (CWE): CWE-119CWE-120

EPSS

Probabilidad de explotación (próx. 30 días): 0.0006 (0.1%)
Percentil: 17.1%
EPSS: 2026-05-06

Afecta

dlink:di-8100_firmwaredlink:di-8100

Descripción técnica

A vulnerability has been found in D-Link DI-8100 16.07.26A1. This vulnerability affects the function sprintf of the file /user_group.asp of the component CGI Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Publicada: 5/5/2026, 20:16:41
Última modificación: 6/5/2026, 17:28:10

Referencias

InicioEventosBlogRecursosEquipo