What is the CVSS score of CVE-2025-50659?

CVE-2025-50659 has a CVSS 3.1 base score of 7.5 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. EPSS exploitation probability: 0.0%.

Which versions of D-Link are affected by CVE-2025-50659?

CVE-2025-50659 is a remote denial-of-service vulnerability in D-Link DI-8003 routers (firmware 16.07.26A1) that allows unauthenticated attackers to crash the device through a network request,…

How to fix or mitigate CVE-2025-50659?

Within 24 hours: Audit your network inventory to identify all D-Link DI-8003 routers running firmware version 16.07.26A1 and isolate them from untrusted networks if possible. Within 7 days: Contact D-Link support to confirm patch availability status and request firmware updates; implement network segmentation to restrict access to /user.asp endpoint. Within 30 days: Deploy replacement routers or upgrade to patched firmware versions once available from D-Link, or deploy Web Application Firewall (WAF) rules to filter malformed custom_error parameters to the /user.asp endpoint as an interim control.

D-Link CVE-2025-50659

EUVD-2025-209341 HIGH

Stack-based Buffer Overflow (CWE-121)

2026-04-08 mitre

GHSA-rp5p-fr9g-xq7m

Buffer Overflow D-Link Stack Overflow

7.5

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Lifecycle Timeline

Re-analysis Queued

Apr 22, 2026 - 16:22 vuln.today

cvss_changed

EUVD ID Assigned

Apr 08, 2026 - 19:31 euvd

EUVD-2025-209341

Analysis Generated

Apr 08, 2026 - 19:31 vuln.today

CVE Published

Apr 08, 2026 - 00:00 nvd

HIGH 7.5

DescriptionNVD

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the custom_error parameter in the /user.asp endpoint.

AnalysisAI

Buffer overflow in D-Link DI-8003 router firmware 16.07.26A1 enables unauthenticated remote denial-of-service via malformed custom_error parameter to /user.asp endpoint. Attackers can crash device remotely without credentials by exploiting stack-based buffer overflow (CWE-121). CVSS 7.5 reflects network-accessible, low-complexity attack requiring no user interaction. No public exploit identified at time of analysis; low observed exploitation activity (EPSS 0.02%).

Technical ContextAI

Stack-based buffer overflow (CWE-121) triggered by unbounded input to custom_error parameter in /user.asp handler. Firmware version 16.07.26A1 lacks input validation, allowing oversized data to overwrite stack memory. Network vector (AV:N) with no authentication requirement (PR:N) enables remote exploitation targeting availability (A:H).

RemediationAI

No vendor-released patch identified at time of analysis. D-Link has not published firmware updates addressing CVE-2025-50659 for DI-8003 16.07.26A1 per official security bulletin at https://www.dlink.com/en/security-bulletin/. Organizations should immediately isolate affected DI-8003 devices from untrusted networks, restrict management interface access via firewall rules permitting only trusted IP ranges, and disable remote administration features. Monitor D-Link security advisories for forthcoming patches. Consider hardware replacement if device reaches end-of-life status without vendor support. Implement network segmentation to limit blast radius of potential DoS attacks.