Description
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of multiple parameters in the /url_rule.asp endpoint. An attacker can exploit this vulnerability by sending a crafted HTTP GET request with parameters name, en, ips, u, time, act, rpri, and log.
Published: 2026-04-08
Score: n/a
EPSS: < 1% Very Low
KEV: No
Impact: Remote code execution
Action: Patch immediately
AI Analysis

Impact

A buffer overflow exists in the /url_rule.asp endpoint of the D‑Link DI‑8003 router. Improper handling of nine HTTP GET parameters (name, en, ips, u, time, act, rpri, and log) can corrupt memory. This classic buffer overrun (CWE‑120/CWE‑119) enables an attacker who can send a crafted request to execute arbitrary code or crash the device.

Affected Systems

The flaw is identified only on the D‑Link DI‑8003 model running firmware revision 16.07.26A1. No other D‑Link products are listed as affected.

Risk and Exploitability

The likely attack vector is remote HTTP traffic; an adversary can reach the vulnerable endpoint from the Internet if the router’s web interface is exposed. CSFC and EPSS data are unavailable, and the vulnerability is not included in the CISA KEV catalog, so an official severity rating is unknown. Nevertheless, the nature of the buffer overflow suggests the potential for full remote code execution or denial of service, placing the risk at a high level when the device is reachable from untrusted networks. Based on the description, it is inferred that exploitation would require sending a specially crafted GET request containing the vulnerable parameters.

Generated by OpenCVE AI on April 8, 2026 at 20:25 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the firmware to a version that fixes the /url_rule.asp buffer overflow; consult the D‑Link security bulletin for the latest release.
  • If a patch is not immediately available, block or restrict access to the /url_rule.asp endpoint using firewall rules or ACLs, limiting it to trusted local IP ranges.
  • Change the default administrative credentials and enforce strong passwords to reduce the impact of any successful exploitation.
  • Monitor device logs for abnormal GET requests containing the affected parameters and investigate any irregular activity.

Generated by OpenCVE AI on April 8, 2026 at 20:25 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 09 Apr 2026 08:30:00 +0000

Type Values Removed Values Added
Title Buffer Overflow in D-Link DI‑8003 /url_rule.asp Endpoint Allows Remote Exploitation
First Time appeared D-link
D-link di-8003
Weaknesses CWE-119
CWE-120
Vendors & Products D-link
D-link di-8003

Wed, 08 Apr 2026 18:30:00 +0000

Type Values Removed Values Added
Description A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of multiple parameters in the /url_rule.asp endpoint. An attacker can exploit this vulnerability by sending a crafted HTTP GET request with parameters name, en, ips, u, time, act, rpri, and log.
References

Subscriptions

D-link Di-8003
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-04-08T17:35:03.053Z

Reserved: 2025-06-16T00:00:00.000Z

Link: CVE-2025-50661

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-04-08T19:24:16.693

Modified: 2026-04-08T21:26:13.410

Link: CVE-2025-50661

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-09T08:28:26Z

Weaknesses