Which versions of D-Link DI-8100 are affected by CVE-2026-7851?

D-Link DI-8100 router firmware 16.07.26A1 contains a stack-based buffer overflow vulnerability in the administrative interface that allows authenticated administrators to execute arbitrary code on…

Is there a public PoC exploit available for CVE-2026-7851?

Yes, a public proof-of-concept exploit is available for CVE-2026-7851. Prioritise patching immediately. EPSS: 0.1%.

D-Link DI-8100 CVE-2026-7851

Q: What is the CVSS score of CVE-2026-7851?

CVE-2026-7851 has a CVSS 4.0 base score of 7.3 (High). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.1%.

EUVD-2026-27416 HIGH

Stack-based Buffer Overflow (CWE-121)

2026-05-05 VulDB

GHSA-x4pj-ppv6-g6w7

Buffer Overflow D-Link Stack Overflow

7.3

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Lifecycle Timeline

Analysis Generated

May 05, 2026 - 18:30 vuln.today

CVSS changed

May 05, 2026 - 18:22 NVD

7.2 (HIGH) 7.3 (HIGH)

DescriptionNVD

A vulnerability was identified in D-Link DI-8100 16.07.26A1. This affects the function sprintf of the file yyxz.asp. The manipulation of the argument ID leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly available and might be used.

AnalysisAI

Stack-based buffer overflow in D-Link DI-8100 router firmware 16.07.26A1 allows authenticated remote attackers with high privileges to execute arbitrary code via malformed ID parameter to yyxz.asp administrative interface. Public exploit code exists on GitHub, demonstrating reliable exploitation. …

RemediationAI

Within 24 hours: Identify all D-Link DI-8100 routers running firmware 16.07.26A1 in production and document their network location and administrative access controls. Within 7 days: Restrict administrative access to these devices to a minimal set of named administrators, enforce multi-factor authentication if supported, and segregate administrative management traffic to a protected network. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

More from same product – last 7 days

CVE-2026-4377 MEDIUM This Month

6.0 May 28

Weak default credential generation in the D-Link DWR-X1820 router exposes administrative access to adjacent-network atta

CVE-2026-7851 vulnerability details – vuln.today

Back

D-Link DI-8100 CVE-2026-7851

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Analysis

Full analysis requires sign-in

More from same product – last 7 days

Share

D-Link DI-8100 CVE-2026-7851

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

More from same product – last 7 days

Share

External POC / Exploit Code