Description
D-Link DI-8300 v16.07.26A1 was discovered to contain a buffer overflow via the ip parameter in the ip_position_asp function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
Published: 2026-04-08
Score: n/a
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service via buffer overflow
Action: Patch Update
AI Analysis

Impact

The vulnerability is a buffer overflow triggered by an attacker supplying a crafted "ip" parameter to the ip_position_asp function in the D‑Link DI‑8300 firmware. This overflow allows the attacker to overrun memory boundaries and crash the device, resulting in a denial of service. The weakness corresponds to improper buffer bounds checks and input validation issues.

Affected Systems

The affected device is the D‑Link DI‑8300, specifically firmware version 16.07.26A1. No other vendors or products are listed.

Risk and Exploitability

The risk is classified as a denial of service; it can be triggered by sending a specially constructed request to the vulnerable function, suggesting a network-based attack vector. No EPSS score is available and the vulnerability is not listed in the CISA KEV catalog, implying current exploitation evidence is limited. The absence of a public CVSS score makes the severity difficult to quantify, but the impact can disrupt networked services until the device is rebooted or patched.

Generated by OpenCVE AI on April 8, 2026 at 18:37 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the DI‑8300 firmware to the latest release that contains the fix for the buffer overflow.
  • If a firmware update is not immediately available, isolate the device behind a firewall and block inbound access to the vulnerable web interface or IP range.
  • Monitor device logs for repeated crash attempts and verify that the update has been successfully applied.

Generated by OpenCVE AI on April 8, 2026 at 18:37 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 08 Apr 2026 20:15:00 +0000

Type Values Removed Values Added
Title Buffer Overflow in D-Link DI-8300 Leading to Denial of Service
Weaknesses CWE-119
CWE-20

Wed, 08 Apr 2026 19:45:00 +0000

Type Values Removed Values Added
First Time appeared Dlink
Dlink di-8300
Vendors & Products Dlink
Dlink di-8300

Wed, 08 Apr 2026 17:45:00 +0000

Type Values Removed Values Added
Description D-Link DI-8300 v16.07.26A1 was discovered to contain a buffer overflow via the ip parameter in the ip_position_asp function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
References

Subscriptions

Dlink Di-8300
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-04-08T17:05:26.432Z

Reserved: 2025-04-22T00:00:00.000Z

Link: CVE-2025-45057

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-04-08T18:24:45.597

Modified: 2026-04-08T21:26:13.410

Link: CVE-2025-45057

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-08T19:44:43Z

Weaknesses