Primary

Context

D-Link DI-8200 Buffer Overflow Vulnerability in yyxz_dlink_asp Function

Vulnerability

A buffer overflow vulnerability has been identified in the D-Link DI-8200 router, specifically in version 16.07.26A1. The issue arises in the yyxz_dlink_asp function, where the id parameter can be manipulated to overflow the buffer.

Impact

Exploitation of this vulnerability leads to a stack overflow, causing the device to crash and become unresponsive.

Reproduction

The vulnerability can be reproduced by sending a request to the router's yyxz_dlink_asp function with an excessively long value in the id parameter. This overloads the buffer, causing a stack overflow that crashes the device.

Added: Jul 31, 2025, 6:27 PM

Updated: Jul 31, 2025, 7:33 PM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

2.5

exploitability

9.1

remediation

0.0

relevance

0.3

threat

6.4

urgency

2.9

incentive

9.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

2.5

exploitability

9.1

remediation

0.0

relevance

0.3

threat

6.4

urgency

2.9

incentive

9.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

D-Link DI-8200 Buffer Overflow Vulnerability in yyxz_dlink_asp Function

Vulnerability

Impact

Reproduction

Affected Products

D-Link DI-8200

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating