Severity by source
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
4DescriptionCVE.org
A vulnerability was found in D-Link DI-8100 16.07.26A1 and classified as critical. This issue affects some unknown processing of the file /arp_sys.asp of the component HTTP Request Handler. The manipulation leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
AnalysisAI
CVE-2025-7602 is a critical stack-based buffer overflow vulnerability in D-Link DI-8100 firmware version 16.07.26A1 affecting the /arp_sys.asp HTTP endpoint. An authenticated remote attacker with high privileges can exploit this vulnerability to achieve arbitrary code execution, potentially compromising device integrity, confidentiality, and availability. Public exploit code is available, elevating real-world risk despite the CVSS 7.2 score.
Technical ContextAI
The vulnerability exists in the HTTP Request Handler component processing the /arp_sys.asp file on D-Link DI-8100 network devices (CPE: cpe:2.3:o:d-link:di-8100_firmware:16.07.26a1:*:*:*:*:*:*:*). The root cause is classified as CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), specifically a stack-based buffer overflow. This occurs when user-supplied input from HTTP requests is copied into a fixed-size stack buffer without proper bounds checking, allowing an attacker to overflow the buffer and overwrite the stack, potentially hijacking program control flow. The /arp_sys.asp endpoint processes ARP system configuration requests, and the overflow likely stems from inadequate input validation on parameters passed to this ASP handler.
RemediationAI
Immediate actions: (1) Upgrade D-Link DI-8100 firmware to the latest patched version beyond 16.07.26A1; contact D-Link support for availability of security patches (vendor advisory: https://support.d-link.com should be checked for CVE-2025-7602 patch notes); (2) Restrict administrative access to the DI-8100 management interface using network ACLs and VPN, limiting access to trusted administrative IPs only; (3) Disable or restrict HTTP access to /arp_sys.asp endpoint if not required through firewall rules or device-level access controls; (4) Implement strong, unique passwords for all administrative accounts; (5) Monitor device logs for suspicious HTTP requests to /arp_sys.asp with unusual input parameters; (6) Consider network segmentation to isolate the DI-8100 from untrusted administrative networks. Long-term: implement automated firmware update policies and maintain security patch subscriptions with D-Link.
More in Di 8100 Firmware
View allA vulnerability was found in D-Link DI-8100 16.07.26A1. Rated high severity (CVSS 8.7), this vulnerability is no authent
A vulnerability was found in D-Link DI-8100 16.07.21. It has been rated as critical. Affected by this issue is some unkn
D-Link DI-8100 v16.07.26A1 has a stack overflow vulnerability in the dbsrv_asp function. Rated high severity (CVSS 7.5),
CVE-2025-7603 is a critical stack-based buffer overflow vulnerability in D-Link DI-8100 firmware version 16.07.26A1, aff
D-LINK DI-8100 16.07.26A1 is vulnerable to Buffer Overflow in the ipsec_net_asp function via the remot_ip parameter. Rat
D-LINK DI-8100 16.07.26A1 is vulnerable to Buffer Overflow in the ipsec_road_asp function via the host_ip parameter. Rat
DI-8100 v16.07.26A1 is vulnerable to Buffer Overflow In the ip_position_asp function via the ip parameter. Rated medium
A vulnerability, which was classified as critical, has been found in D-Link DI-8100 16.07.htm. Rated medium severity (CV
A vulnerability was found in D-Link DI-8100 16.07. Rated medium severity (CVSS 5.3), this vulnerability is remotely expl
D-Link DI-8100 16.07.26A1 is vulnerable to Buffer Overflow via the en`, `val and id parameters in the qj_asp function. R
A vulnerability was found in D-Link DI-8100 up to 20250523. Rated high severity (CVSS 8.7), this vulnerability is no aut
An issue in D-Link DI-8100 16.07.26A1 allows a remote attacker to bypass administrator login authentication. Rated criti
Same weakness CWE-119 – Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-21345