D-Link CVE-2025-50654

EUVD-2025-209335
Severity: HIGH
Classic Buffer Overflow (CWE-120)
2026-04-08 (mitre)
CVSS 3.1 score: 7.5

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Lifecycle Timeline

Apr 22, 2026 - 16:22: Re-analysis Queued (vuln.today; cvss_changed)
Apr 08, 2026 - 19:31: EUVD ID Assigned (euvd; EUVD-2025-209335)
Apr 08, 2026 - 19:31: Analysis Generated (vuln.today)
Apr 08, 2026 - 00:00: CVE Published (nvd; HIGH 7.5)

Description (NVD)

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper validation of the id parameter in the /thd_member.asp endpoint.

Analysis (AI)

A buffer overflow in D-Link DI-8003 router firmware 16.07.26A1 allows unauthenticated remote denial-of-service attacks through a malformed id parameter sent to the /thd_member.asp endpoint. Exploiting this CWE-120 flaw requires no authentication (CVSS PR:N), and a network-based attacker can crash the device with low attack complexity. No public exploit was identified at the time of analysis, and observed exploitation activity is low (EPSS 0.02%). The flaw affects D-Link network infrastructure devices running the vulnerable firmware version.

Technical Context (AI)

CWE-120 buffer overflow (stack-based or heap-based) in the web interface code that processes the /thd_member.asp endpoint. Insufficient bounds checking on the id parameter allows oversized input to corrupt memory structures, which crashes the service. The attack vector is network-accessible (AV:N), with no preconditions beyond reachability of the management interface. The impact is limited to availability (C:N/I:N/A:H).

Remediation (AI)

No vendor-released patch was identified at the time of analysis. Consult the D-Link security bulletin at https://www.dlink.com/en/security-bulletin/ for firmware updates addressing CVE-2025-50654. Until patched firmware becomes available, implement network-layer access controls that restrict management interface exposure to trusted administrative networks only. Deploy firewall rules that block external access to /thd_member.asp and related web management paths. Monitor D-Link advisories for a successor release to 16.07.26A1. Consider replacing the device if the vendor discontinues support. Disable remote administration features if operationally feasible.
