Primary

Context

D-Link DI-8003 Buffer Overflow Vulnerability in thd_member.asp Endpoint

Vulnerability

A buffer overflow vulnerability has been identified in the D-Link DI-8003 router, specifically in the firmware version 16.07.26A1. The vulnerability arises from inadequate validation of the 'id' parameter in the '/thd_member.asp' endpoint, which can be exploited to cause a stack overflow, leading to a denial-of-service condition.

Impact

Exploitation of this vulnerability causes a denial-of-service condition by triggering a buffer overflow that disrupts normal device operation.

Reproduction

To reproduce this vulnerability, send a request to the '/thd_member.asp' endpoint with an overly long 'id' parameter. The excessive length of the parameter will cause a buffer overflow, disrupting the device's normal functioning.

Added: Apr 8, 2026, 9:15 PM

Updated: Apr 8, 2026, 9:15 PM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

2.5

exploitability

7.3

remediation

0.0

relevance

5.5

threat

1.6

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

2.5

exploitability

7.3

remediation

0.0

relevance

5.5

threat

1.6

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

D-Link DI-8003 Buffer Overflow Vulnerability in thd_member.asp Endpoint

Vulnerability

Impact

Reproduction

Affected Products

D-Link DI-8003

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating