Skip to main content

Di 8100 Firmware EUVDEUVD-2025-19507

| CVE-2025-6881 HIGH
Buffer Overflow (CWE-119)
2025-06-30 cna@vuldb.com
8.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
EUVD ID Assigned
Mar 16, 2026 - 01:25 euvd
EUVD-2025-19507
Analysis Generated
Mar 16, 2026 - 01:25 vuln.today
PoC Detected
Jul 08, 2025 - 14:18 vuln.today
Public exploit code
CVE Published
Jun 30, 2025 - 02:15 nvd
HIGH 8.8

DescriptionCVE.org

A vulnerability was found in D-Link DI-8100 16.07.21. It has been rated as critical. Affected by this issue is some unknown functionality of the file /pppoe_base.asp of the component jhttpd. The manipulation of the argument mschap_en leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Analysis

A vulnerability was found in D-Link DI-8100 16.07.21. It has been rated as critical. Affected by this issue is some unknown functionality of the file /pppoe_base.asp of the component jhttpd. The manipulation of the argument mschap_en leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Technical ContextAI

A buffer overflow occurs when data written to a buffer exceeds its allocated size, potentially overwriting adjacent memory and corrupting program state.

RemediationAI

Use memory-safe languages or bounds-checked functions. Enable ASLR, DEP/NX, and stack canaries. Apply vendor patches promptly.

CVE-2025-3538 HIGH POC
8.7 Apr 13

A vulnerability was found in D-Link DI-8100 16.07.26A1. Rated high severity (CVSS 8.7), this vulnerability is no authent

CVE-2024-44375 HIGH POC
7.5 Sep 09

D-Link DI-8100 v16.07.26A1 has a stack overflow vulnerability in the dbsrv_asp function. Rated high severity (CVSS 7.5),

CVE-2025-7603 HIGH POC
7.2 Jul 14

CVE-2025-7603 is a critical stack-based buffer overflow vulnerability in D-Link DI-8100 firmware version 16.07.26A1, aff

CVE-2025-7602 HIGH POC
7.2 Jul 14

CVE-2025-7602 is a critical stack-based buffer overflow vulnerability in D-Link DI-8100 firmware version 16.07.26A1 affe

CVE-2025-28398 HIGH POC
7.1 Apr 01

D-LINK DI-8100 16.07.26A1 is vulnerable to Buffer Overflow in the ipsec_net_asp function via the remot_ip parameter. Rat

CVE-2025-28395 HIGH POC
7.1 Apr 01

D-LINK DI-8100 16.07.26A1 is vulnerable to Buffer Overflow in the ipsec_road_asp function via the host_ip parameter. Rat

CVE-2024-52711 MEDIUM POC
5.7 Nov 19

DI-8100 v16.07.26A1 is vulnerable to Buffer Overflow In the ip_position_asp function via the ip parameter. Rated medium

CVE-2024-7436 MEDIUM POC
5.3 Aug 03

A vulnerability, which was classified as critical, has been found in D-Link DI-8100 16.07.htm. Rated medium severity (CV

CVE-2024-7833 MEDIUM
5.3 Aug 15

A vulnerability was found in D-Link DI-8100 16.07. Rated medium severity (CVSS 5.3), this vulnerability is remotely expl

CVE-2025-51281 HIGH POC
7.0 Aug 25

D-Link DI-8100 16.07.26A1 is vulnerable to Buffer Overflow via the en`, `val and id parameters in the qj_asp function. R

CVE-2025-5228 HIGH POC
8.7 May 27

A vulnerability was found in D-Link DI-8100 up to 20250523. Rated high severity (CVSS 8.7), this vulnerability is no aut

CVE-2025-44083 CRITICAL
9.8 May 21

An issue in D-Link DI-8100 16.07.26A1 allows a remote attacker to bypass administrator login authentication. Rated criti

Share

EUVD-2025-19507 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy