Primary

Context

D-Link DI-8003 Buffer Overflow Vulnerability in the /url_rule.asp Endpoint

Vulnerability

A buffer overflow vulnerability has been identified in the D-Link DI-8003 router, specifically in version 16.07.26A1. The vulnerability arises from improper handling of multiple parameters in the /url_rule.asp endpoint. An attacker can exploit this issue by sending a crafted HTTP GET request that includes the parameters name, en, ips, u, time, act, rpri, and log.

Impact

Exploitation of this vulnerability leads to a stack-based buffer overflow, causing a denial-of-service condition on the device.

Reproduction

To reproduce this vulnerability, send an HTTP GET request to the /url_rule.asp endpoint with crafted values that exceed the buffer size for the name, en, ips, u, time, act, rpri, and log parameters. The excessive length of these parameters will trigger the buffer overflow.

Added: Apr 8, 2026, 9:09 PM

Updated: Apr 8, 2026, 9:09 PM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

2.5

exploitability

8.1

remediation

0.0

relevance

5.5

threat

1.6

urgency

2.9

incentive

8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

2.5

exploitability

8.1

remediation

0.0

relevance

5.5

threat

1.6

urgency

2.9

incentive

8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

D-Link DI-8003 Buffer Overflow Vulnerability in the /url_rule.asp Endpoint

Vulnerability

Impact

Reproduction

Affected Products

D-Link DI-8003

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating