Primary

Context

D-Link DI-8003 Buffer Overflow Vulnerability in the User.asp Endpoint

Vulnerability

A buffer overflow vulnerability has been identified in the D-Link DI-8003 router, specifically in the firmware version 16.07.26A1. The vulnerability arises from improper handling of the custom_error parameter in the /user.asp endpoint, which can be exploited to cause a stack overflow, leading to a denial-of-service condition.

Impact

Exploitation of this vulnerability causes a stack-based buffer overflow, resulting in a denial-of-service condition.

Reproduction

To reproduce this vulnerability, send a request to the /user.asp endpoint with an excessively long custom_error parameter. This will trigger the buffer overflow by exceeding the allocated memory space for the parameter, causing a stack overflow.

Added: Apr 8, 2026, 9:11 PM

Updated: Apr 8, 2026, 9:11 PM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

2.5

exploitability

7.3

remediation

0.0

relevance

5.5

threat

1.6

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

2.5

exploitability

7.3

remediation

0.0

relevance

5.5

threat

1.6

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

D-Link DI-8003 Buffer Overflow Vulnerability in the User.asp Endpoint

Vulnerability

Impact

Reproduction

Affected Products

D-Link DI-8003

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating