How to fix EUVD-2025-209351?

24 hours: Identify all D-Link DI-8003 routers in production via asset inventory and firmware version checks (specifically 16.07.26A1); isolate affected devices from untrusted networks if possible. 7 days: Implement network access controls to restrict HTTP access to the /user_group.asp endpoint via firewall rules or WAF policies; monitor D-Link security advisories and the CISA vulnerability database for patch availability updates. 30 days: Apply vendor-released patch to firmware when available; conduct full network access reviews for remote management interfaces on all edge networking equipment.

Is Stack Overflow affected by EUVD-2025-209351?

D-Link DI-8003 routers running firmware 16.07.26A1 are vulnerable to unauthenticated remote denial-of-service attacks through a stack-based buffer overflow in the HTTP interface, allowing attackers to crash the device without authentication.

EUVD-2025-209351

| CVE-2025-50664 HIGH

2026-04-08 mitre

7.5

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Lifecycle Timeline

Analysis Generated

Apr 08, 2026 - 19:31 vuln.today

EUVD ID Assigned

Apr 08, 2026 - 19:31 euvd

EUVD-2025-209351

CVE Published

Apr 08, 2026 - 00:00 nvd

HIGH 7.5

Description

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /user_group.asp endpoint. The attacker can exploit this vulnerability by sending a crafted HTTP GET request with parameters name, mem, pri, and attr.

Analysis

Stack-based buffer overflow in D-Link DI-8003 router firmware 16.07.26A1 enables unauthenticated remote denial-of-service via malformed HTTP GET request to /user_group.asp endpoint. Attacker sends crafted name, mem, pri, or attr parameters triggering memory corruption and device crash. CVSS 7.5 High severity reflects network-accessible attack requiring no privileges or user interaction. No public exploit identified at time of analysis. Low observed exploitation activity (EPSS <1%).

Technical Context

CWE-121 stack overflow in user_group.asp parameter parsing logic. Insufficient bounds checking on GET-supplied string inputs (name, mem, pri, attr) allows attacker-controlled data to exceed allocated stack buffer size, causing memory overwrite and availability impact. Router firmware lacks input validation guards.

Affected Products

D-Link DI-8003 router, firmware version 16.07.26A1. Vendor D-Link Corporation. Specific CPE unavailable in published data.

Remediation

No vendor-released patch identified at time of analysis per D-Link security bulletin (https://www.dlink.com/en/security-bulletin/). Monitor D-Link advisory page for firmware updates addressing CVE-2025-50664. Interim mitigations: disable remote management interfaces, restrict /user_group.asp access via firewall ACLs to trusted IPs only, place affected DI-8003 devices behind network segmentation boundaries. If device is end-of-life or no patch forthcoming, replace with supported hardware. Consult VulDB advisory (https://vuldb.com/vuln/356312) and vendor bulletin for evolving remediation guidance.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +38

POC: 0

EUVD-2025-209351 vulnerability details – vuln.today

Back

EUVD-2025-209351

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

EUVD-2025-209351

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code