Description
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /thd_group.asp endpoint.
Published: 2026-04-08
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

The vulnerable component is the /thd_group.asp endpoint of the D-Link DI-8003 device. Improper handling of the name parameter allows an attacker to trigger a buffer overflow. When executed, this overflow can lead to arbitrary code execution, allowing an attacker to take full control of the device and compromise confidential data or disrupt network services. The weakness corresponds to CWE-121, stack-based buffer overflow.

Affected Systems

The flaw affects D-Link DI‑8003 routers running firmware version 16.07.26A1. No other firmware versions or models are indicated as vulnerable in the supplied data.

Risk and Exploitability

The CVSS score of 7.5 indicates a high severity vulnerability. The EPSS score of less than 1% suggests that exploit activity is currently rare. The vulnerability is not listed in the CISA KEV catalog. The likely attack vector is remote, via the device’s web interface, because the name parameter is exposed through an HTTP endpoint. Exploitation would require network connectivity to the device, and may be possible even without privileged local access if the web interface is publicly reachable.

Generated by OpenCVE AI on April 13, 2026 at 15:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply an updated firmware version that includes the buffer overflow fix provided by D‑Link.
  • If no firmware update is available, block or restrict access to the /thd_group.asp endpoint using network firewall rules or VLAN segmentation.
  • As a temporary countermeasure, limit the length of the name parameter to the maximum expected value to mitigate the overflow, if supported by the device configuration interface.
  • Monitor the device for anomalous activity and audit logs for signs of exploitation attempts.

Generated by OpenCVE AI on April 13, 2026 at 15:24 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 22 Apr 2026 16:00:00 +0000

Type Values Removed Values Added
References

Mon, 13 Apr 2026 14:30:00 +0000

Type Values Removed Values Added
Title Buffer Overflow in D‑Link DI‑8003 /thd_group.asp Endpoint
Weaknesses CWE-119

Fri, 10 Apr 2026 21:15:00 +0000

Type Values Removed Values Added
First Time appeared Dlink di-8003 Firmware
CPEs cpe:2.3:h:dlink:di-8003:-:*:*:*:*:*:*:*
cpe:2.3:o:dlink:di-8003_firmware:16.07.26a1:*:*:*:*:*:*:*
Vendors & Products Dlink di-8003 Firmware

Fri, 10 Apr 2026 18:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-121
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 09 Apr 2026 08:30:00 +0000

Type Values Removed Values Added
Title Buffer Overflow in D‑Link DI‑8003 /thd_group.asp Endpoint
Weaknesses CWE-119

Wed, 08 Apr 2026 20:15:00 +0000

Type Values Removed Values Added
First Time appeared Dlink
Dlink di-8003
Vendors & Products Dlink
Dlink di-8003

Wed, 08 Apr 2026 18:30:00 +0000

Type Values Removed Values Added
Description A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /thd_group.asp endpoint.
References

Subscriptions

Dlink Di-8003 Di-8003 Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-04-22T15:35:12.405Z

Reserved: 2025-06-16T00:00:00.000Z

Link: CVE-2025-50655

cve-icon Vulnrichment

Updated: 2026-04-10T17:41:07.648Z

cve-icon NVD

Status : Modified

Published: 2026-04-08T19:24:16.257

Modified: 2026-04-22T16:16:50.420

Link: CVE-2025-50655

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-14T16:40:31Z

Weaknesses