Which versions of D-Link DI-8100 are affected by CVE-2026-7247?

D-Link DI-8100 routers running firmware 16.07.26A1 contain a buffer overflow vulnerability in the file extension handler that allows authenticated administrators to gain complete system control.

D-Link DI-8100 CVE-2026-7247

Q: What is the CVSS score of CVE-2026-7247?

CVE-2026-7247 has a CVSS 4.0 base score of 7.3 (High). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.1%.

EUVD-2026-26018 HIGH

Buffer Overflow (CWE-119)

2026-04-28 cna@vuldb.com

Buffer Overflow D-Link

7.3

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Lifecycle Timeline

Re-analysis Queued

Apr 28, 2026 - 20:38 vuln.today

cvss_changed

Analysis Generated

Apr 28, 2026 - 09:32 vuln.today

EUVD ID Assigned

Apr 28, 2026 - 09:22 euvd

EUVD-2026-26018

Analysis Generated

Apr 28, 2026 - 09:22 vuln.today

CVE Published

Apr 28, 2026 - 09:16 nvd

HIGH 7.3

DescriptionNVD

A vulnerability has been found in D-Link DI-8100 16.07.26A1. Affected by this issue is the function file_exten_asp of the file file_exten.asp of the component File Extension Handler. The manipulation of the argument Name leads to buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.

AnalysisAI

Buffer overflow in D-Link DI-8100 router firmware 16.07.26A1 allows authenticated administrators to execute arbitrary code remotely via crafted file extension names. The vulnerability affects the file_exten.asp File Extension Handler component, with a publicly available exploit (E:P in CVSS vector). …

RemediationAI

Within 24 hours: Inventory all D-Link DI-8100 routers and document current firmware versions; restrict administrative access to network admin personnel only and enforce strong unique passwords. Within 7 days: Contact D-Link support to confirm patch availability timeline for firmware versions beyond 16.07.26A1; implement network segmentation to isolate router management interfaces. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

More from same product – last 7 days

CVE-2026-4377 MEDIUM This Month

6.0 May 28

Weak default credential generation in the D-Link DWR-X1820 router exposes administrative access to adjacent-network atta

CVE-2026-7247 vulnerability details – vuln.today

Back

D-Link DI-8100 CVE-2026-7247

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Analysis

Full analysis requires sign-in

More from same product – last 7 days

Share

D-Link DI-8100 CVE-2026-7247

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

More from same product – last 7 days

Share

External POC / Exploit Code