CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the iface parameter in the /wan_line_detection.asp endpoint.
Analysis
Buffer overflow in D-Link DI-8003 router firmware 16.07.26A1 enables unauthenticated remote denial of service via a malicious iface parameter sent to the /wan_line_detection.asp endpoint. The attack requires no user interaction and exploits improper input validation in the network-accessible web management interface. CVSS 7.5 (High) severity reflects the availability impact; no public exploit identified at time of analysis. Low estimated exploitation probability (EPSS 0.02%).
Technical Context
Classic stack-based buffer overflow (CWE-120) in web server handling of iface parameter during WAN line detection processing. Improper bounds checking allows oversized input to corrupt memory, triggering service crash. CVSS vector AV:N/AC:L/PR:N confirms network-accessible, low-complexity attack requiring no privileges.
Affected Products
D-Link DI-8003 industrial router, firmware version 16.07.26A1. Vendor: D-Link Corporation. Specific CPE unavailable; applies to identified firmware build only.
Remediation
No vendor-released patch identified at time of analysis. Consult D-Link security bulletin at https://www.dlink.com/en/security-bulletin/ for firmware updates. Immediate mitigations: restrict web management interface access to trusted networks via firewall rules, disable remote administration if not operationally required, implement IP allowlisting for administrative access. Monitor D-Link advisory page and NVD entry https://nvd.nist.gov/vuln/detail/CVE-2025-50667 for patch availability. Consider hardware replacement if device reaches end-of-life without security updates, as buffer overflows in network-facing services pose persistent availability risk.
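To check whether the allowlisting mitigation is holding, the following added example (not vendor or NVD code) reviews access-log lines for requests to the affected endpoint that come from outside a trusted management subnet or carry an oversized iface value. It assumes Common Log Format lines from a proxy or firewall in front of the router, that iface appears in the query string, and a hypothetical subnet and length threshold.

```python
import ipaddress
import re
from urllib.parse import urlsplit, parse_qs

ENDPOINT = "/wan_line_detection.asp"   # endpoint named in the advisory
PARAM = "iface"                        # parameter named in the advisory
MAX_IFACE_LEN = 32                     # assumption: real interface names are short
TRUSTED_NETS = [ipaddress.ip_network("10.20.0.0/24")]  # assumption: management subnet

# Common Log Format prefix: client ident user [time] "METHOD target PROTO"
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]*\] "(\S+) (\S+) [^"]*"')

def review_line(line):
    """Return a list of findings for one access-log line (empty if none)."""
    m = LINE_RE.match(line)
    if not m:
        return []
    client, _method, target = m.groups()
    url = urlsplit(target)
    if url.path != ENDPOINT:
        return []
    findings = []
    try:
        addr = ipaddress.ip_address(client)
        if not any(addr in net for net in TRUSTED_NETS):
            findings.append("untrusted-source")
    except ValueError:
        findings.append("unparsed-source")
    # parse_qs percent-decodes, so the length checked is that of the decoded value
    for value in parse_qs(url.query, keep_blank_values=True).get(PARAM, []):
        if len(value.encode()) > MAX_IFACE_LEN:
            findings.append("oversized-iface")
            break
    return findings

def review_log(lines):
    """Map 1-based line number -> findings, for lines that have any."""
    return {n: f for n, line in enumerate(lines, 1) if (f := review_line(line))}

# Constructed sample lines (not captured traffic)
SAMPLE = [
    '10.20.0.5 - - [01/Jan/2025:10:00:00 +0000] "GET /wan_line_detection.asp?iface=wan1 HTTP/1.1" 200 512',
    '203.0.113.9 - - [01/Jan/2025:10:00:05 +0000] "GET /wan_line_detection.asp?iface=wan1 HTTP/1.1" 200 512',
    '203.0.113.9 - - [01/Jan/2025:10:00:09 +0000] "GET /wan_line_detection.asp?iface=' + "A" * 400 + ' HTTP/1.1" 502 0',
    '10.20.0.5 - - [01/Jan/2025:10:01:00 +0000] "GET /index.asp HTTP/1.1" 200 1024',
]

if __name__ == "__main__":
    for n, f in review_log(SAMPLE).items():
        print(n, ",".join(f))
```

Any "untrusted-source" finding means the management interface is still reachable from outside the allowlist and the firewall rules need review.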
EUVD-2025-209357