CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
D-Link DI-8300 v16.07.26A1 was discovered to contain a buffer overflow via the fx parameter in the jingx_asp function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
Analysis
A buffer overflow in D-Link DI-8300 router firmware v16.07.26A1 lets unauthenticated remote attackers trigger a denial-of-service condition through malformed fx parameter input to the jingx_asp function. Exploitation is possible over the network and requires no authentication or user interaction (CVSS AV:N/PR:N/UI:N). Impact is limited to availability disruption; data confidentiality and integrity are not compromised. No public exploit was identified at the time of analysis. An EPSS score of 0.02% indicates low observed exploitation activity.
Technical Context
CWE-120 (classic buffer overflow): the jingx_asp function handler fails to validate the length of the fx parameter before memory operations. Unchecked input copying enables stack/heap corruption, which triggers a process crash. CVSS vector AC:L indicates trivial exploitation complexity against a network-exposed embedded device management interface.
Affected Products
D-Link DI-8300 industrial router, firmware version 16.07.26A1. Vendor: D-Link Corporation. Single confirmed vulnerable version; broader version range impact unknown.
Remediation
No vendor-released patch identified at time of analysis. D-Link has not published firmware updates addressing CVE-2025-45058 per security bulletin https://www.dlink.com/en/security-bulletin/. Immediate mitigations: (1) disable remote management interface access, restricting administrative functions to trusted internal networks only; (2) implement strict firewall rules blocking external access to web management ports (typically TCP 80/443); (3) deploy network segmentation isolating affected devices from untrusted zones; (4) monitor D-Link security advisories for forthcoming patches. Organizations unable to implement network controls should consider hardware replacement with actively supported alternatives. Verify product support status at https://www.dlink.com.cn/techsupport/ProductInfo.aspx?m=DI-8300 as legacy devices may receive limited security maintenance.
EUVD-2025-209310
GHSA-9hfh-f4vw-87qr