Description
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /user_group.asp endpoint. The attacker can exploit this vulnerability by sending a crafted HTTP GET request with parameters name, mem, pri, and attr.
Published: 2026-04-08
Score: n/a
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Patch Immediately
AI Analysis

Impact

A buffer overflow flaw exists in the D-Link DI-8003 router within the /user_group.asp endpoint. Because the system does not properly bound the name, mem, pri, and attr parameters, a crafted HTTP GET request can corrupt memory and potentially allow execution of arbitrary code. The vulnerability is a classic stack‑based overflow, classified as CWE-119 (improper restriction of operations within the bounds of a memory buffer). Attackers who exploit this flaw can gain covert control over the device, compromising the confidentiality, integrity, and availability of the network it serves.

Affected Systems

The affected product is D‑Link DI‑8003 running firmware version 16.07.26A1. No other versions or vendors were listed, so remediation applies only to this specific firmware build.

Risk and Exploitability

The vulnerability is exposed via the web interface and can be triggered from any network that can reach the router’s HTTP service. No CVSS score is supplied, but a typical buffer‑overflow of this nature is regarded as high severity. EPSS is not available, and the vulnerability is not listed in CISA’s KEV catalog, yet the discovery of remote code execution likely leads to industry‑wide scrutiny. Without an official patch, the exploit remains theoretically possible if the router is still running the vulnerable firmware.

Generated by OpenCVE AI on April 8, 2026 at 19:56 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check D‑Link’s security bulletin for any firmware update addressing this issue
  • If an update is unavailable, restrict external access to the device’s web management interface by placing it behind a firewall or VPN
  • Consider temporarily disabling the /user_group.asp endpoint if feasible
  • Implement network segmentation to limit exposure of the router to untrusted traffic
  • Monitor logs for unusual HTTP GET requests targeting /user_group.asp
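
One way to act on the log-monitoring recommendation, as an added example that is not part of the OpenCVE record or any D-Link tooling. It assumes the router's web interface sits behind a proxy or sensor that writes Common/Combined Log Format lines; the 64-byte threshold is an assumed baseline (the record gives no buffer size) and the log lines are constructed samples.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

ENDPOINT = "/user_group.asp"
WATCHED_PARAMS = {"name", "mem", "pri", "attr"}  # parameters named in the CVE description
MAX_LEN = 64  # assumption: tune to the longest legitimate value seen on your device

# Source address and request line of a Common/Combined Log Format entry.
REQUEST_RE = re.compile(r'^(?P<src>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

def inspect_line(line, max_len=MAX_LEN):
    """Return a finding dict for a suspicious /user_group.asp request, else None."""
    m = REQUEST_RE.match(line)
    if not m or m["method"] != "GET":
        return None
    url = urlsplit(m["target"])
    if unquote(url.path).lower() != ENDPOINT:
        return None
    reasons = []
    # latin-1 maps each decoded byte to one character, so len() counts bytes.
    for key, value in parse_qsl(url.query, keep_blank_values=True, encoding="latin-1"):
        if key not in WATCHED_PARAMS:
            continue
        if len(value) > max_len:
            reasons.append(f"{key}: {len(value)} bytes exceeds {max_len}")
        if any(ord(c) < 0x20 or ord(c) == 0x7F for c in value):
            reasons.append(f"{key}: control bytes after decoding")
    return {"src": m["src"], "reasons": reasons} if reasons else None

def scan(lines, max_len=MAX_LEN):
    """Inspect every log line and keep only the findings."""
    return [f for f in (inspect_line(l, max_len) for l in lines) if f]

# Constructed sample log lines (documentation address ranges, not real traffic).
_LINE = '{ip} - - [08/Apr/2026:19:00:0{n} +0000] "GET {target} HTTP/1.1" 200 512'
SAMPLE_LOG = [
    _LINE.format(ip="192.0.2.10", n=1, target="/user_group.asp?name=staff&mem=1&pri=2&attr=0"),
    _LINE.format(ip="198.51.100.7", n=2, target="/user_group.asp?name=" + "A" * 300 + "&mem=1"),
    _LINE.format(ip="198.51.100.7", n=3, target="/index.asp?name=" + "A" * 300),
    _LINE.format(ip="203.0.113.5", n=4, target="/user_group.asp?attr=ok%01x&pri=1"),
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding["src"], "; ".join(finding["reasons"]))
```

Only the oversized name value and the control byte in attr are reported; the normal request and the request to another path are ignored.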


Advisories

No advisories yet.

History

Wed, 08 Apr 2026 20:15:00 +0000

Type | Values Removed | Values Added
Title | (none) | Buffer Overflow in D‑Link DI‑8003 /user_group.asp Allows Remote Code Execution
First Time appeared | (none) | Dlink; Dlink di-8003
Weaknesses | (none) | CWE-119
Vendors & Products | (none) | Dlink; Dlink di-8003

Wed, 08 Apr 2026 18:30:00 +0000

Type | Values Removed | Values Added
Description | (none) | A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /user_group.asp endpoint. The attacker can exploit this vulnerability by sending a crafted HTTP GET request with parameters name, mem, pri, and attr.
References

MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-04-08T17:37:29.022Z

Reserved: 2025-06-16T00:00:00.000Z

Link: CVE-2025-50664

Vulnrichment

No data.

NVD

Status: Awaiting Analysis

Published: 2026-04-08T19:24:17.033

Modified: 2026-04-08T21:26:13.410

Link: CVE-2025-50664

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-08T20:12:52Z

Weaknesses