CVE-2025-7603 | EUVD-2025-21344 | HIGH 7.2 (CVSS 3.1)
Published 2025-07-14

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector: Network
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

Analysis Generated: Mar 16, 2026 09:43 (vuln.today)
EUVD ID Assigned: Mar 16, 2026 09:43 (euvd), EUVD-2025-21344
PoC Detected: Jul 16, 2025 14:32 (vuln.today), public exploit code
CVE Published: Jul 14, 2025 13:15 (nvd), HIGH 7.2

Description

A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been classified as critical. Affected is an unknown function of the file /jingx.asp of the component HTTP Request Handler. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Analysis

CVE-2025-7603 is a critical stack-based buffer overflow vulnerability in D-Link DI-8100 firmware version 16.07.26A1, affecting the HTTP Request Handler component (/jingx.asp file). An authenticated remote attacker with high privileges can exploit this vulnerability to achieve complete compromise of the device, including code execution, data theft, and denial of service. A public proof-of-concept exploit exists, increasing real-world exploitation risk.

Technical Context

The vulnerability resides in the D-Link DI-8100 router's HTTP request handler, specifically within the /jingx.asp file processing. The root cause is classified as CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), manifesting as a stack-based buffer overflow. This occurs when user-supplied input from HTTP requests is copied into a fixed-size stack buffer without proper bounds checking. The affected CPE is likely: cpe:2.3:o:d-link:di-8100_firmware:16.07.26a1:*:*:*:*:*:*:* and cpe:2.3:h:d-link:di-8100:*:*:*:*:*:*:*:*. The HTTP Request Handler component processes unvalidated input, allowing stack memory corruption and potential arbitrary code execution through stack frame manipulation and return address overwriting.

Affected Products

Vendor: D-Link
Product: DI-8100 (Broadband Router)
Affected versions: 16.07.26A1
Component: HTTP Request Handler (/jingx.asp)
CPE: cpe:2.3:o:d-link:di-8100_firmware:16.07.26a1:*:*:*:*:*:*:*

Remediation

Immediate actions:

(1) Contact D-Link support to determine if firmware patches are available for the DI-8100 device.
(2) If firmware updates exist, apply them immediately to the affected device.
(3) If no patches are available and the device is end-of-life, strongly consider hardware replacement with a current, supported model.
(4) Implement network segmentation to restrict access to device administration interfaces: limit /jingx.asp access to trusted administrative networks only via firewall rules.
(5) Enforce strong authentication credentials and disable default passwords on the device.
(6) Monitor for suspicious HTTP requests to /jingx.asp with abnormally large payloads or encoded content.
(7) Consider disabling remote management features if not required.
(8) Review D-Link security advisories at https://www.dlink.com/en/security for any available patches or workarounds.
(9) If the device is internet-facing, immediately move it behind a NAT firewall with restricted port access.
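As an added illustration of monitoring step (6), not part of the vuln.today record or any D-Link tooling: a small Python checker that flags requests to /jingx.asp carrying oversized or heavily percent-encoded input. The proxy-style log format, the thresholds and the sample addresses are assumptions (the DI-8100 itself has no standardised request log).

```python
import re
from urllib.parse import urlsplit

# Constructed sample lines in combined-log style, as a reverse proxy or IDS in
# front of the router might emit them; the last field is the request body size.
SAMPLE_LOG = """\
192.0.2.10 - admin [16/Jul/2025:14:30:01 +0000] "GET /jingx.asp?id=12 HTTP/1.1" 200 512 41
192.0.2.10 - admin [16/Jul/2025:14:30:09 +0000] "GET /index.asp HTTP/1.1" 200 2048 0
198.51.100.7 - admin [16/Jul/2025:14:32:44 +0000] "POST /jingx.asp HTTP/1.1" 200 128 4096
198.51.100.7 - admin [16/Jul/2025:14:32:50 +0000] "GET /jingx.asp?id=%41%41%41%41%41%41%41%41%41%41%41%41%41%41%41%41 HTTP/1.1" 200 512 0
"""
LINE_RE = re.compile(
    r'^(?P<src>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" '
    r'(?P<status>\d{3}) (?P<resp_bytes>\d+) (?P<req_bytes>\d+)$'
)

# Assumed thresholds for a small embedded admin page (not from the advisory);
# tune them to the traffic normally seen on the device.
MAX_QUERY_LEN = 200
MAX_BODY_BYTES = 1024
MIN_ENCODED_RATIO = 0.5

def parse_line(line):
    m = LINE_RE.match(line)
    return m.groupdict() if m else None

def suspicious_reasons(entry):
    """Reasons a request to /jingx.asp looks like an overflow attempt."""
    url = urlsplit(entry["target"])
    if url.path.lower() != "/jingx.asp":
        return []
    reasons = []
    if len(url.query) > MAX_QUERY_LEN:
        reasons.append("oversized query string")
    if int(entry["req_bytes"]) > MAX_BODY_BYTES:
        reasons.append("oversized request body")
    # Share of the query made of %xx sequences; filler bytes usually arrive encoded.
    if url.query and url.query.count("%") * 3 / len(url.query) >= MIN_ENCODED_RATIO:
        reasons.append("heavily percent-encoded query")
    return reasons

def scan_log(text):
    hits = []
    for entry in filter(None, map(parse_line, text.splitlines())):
        reasons = suspicious_reasons(entry)
        if reasons:
            hits.append((entry["src"], entry["method"], reasons))
    return hits
```

Feed the output into whatever alerting the segmentation firewall or SIEM already provides; a hit from outside the administrative network is the case worth escalating.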

Priority Score

56 (scale: Low / Medium / High / Critical)
Components: KEV 0, EPSS +0.3, CVSS +36, POC +20


CVE-2025-7603 vulnerability details – vuln.today
