Description
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 and DI-8003G 19.12.10A1 due to improper handling of the wan_ping parameter in the /wan_ping.asp endpoint.
Published: 2026-04-08
Score: n/a
EPSS: n/a
KEV: No
Impact: Remote Code Execution and Denial of Service
Action: Immediate Patch
AI Analysis

Impact

A buffer overflow occurs when the wan_ping parameter is processed in the /wan_ping.asp web endpoint. This flaw can allow an attacker to supply specially crafted input that overflows an internal buffer, potentially leading to arbitrary code execution or a crash that disrupts router operation. The weakness is a classic buffer overflow vulnerability.

Affected Systems

The defect affects D‑Link DI‑8003 running firmware 16.07.26A1 and D‑Link DI‑8003G running firmware 19.12.10A1. These models expose the vulnerable endpoint through the web interface used for managing WAN ping settings.

Risk and Exploitability

The CVSS score and EPSS rating are not available, and the vulnerability is not listed in the CISA KEV catalog. However, the likely attack vector is remote via the publicly accessible /wan_ping.asp page, meaning an external adversary could trigger the flaw with an HTTP request. Given the nature of the vulnerability, successful exploitation could compromise confidentiality, integrity, or availability of the device.

Generated by OpenCVE AI on April 8, 2026 at 19:38 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest firmware update released by D‑Link for the DI‑8003 and DI‑8003G devices.
  • If an update cannot be applied immediately, disable the WAN ping feature in the router’s web interface to remove the vulnerable entry point.
  • Configure firewall rules to block external access to the /wan_ping.asp endpoint or to the router’s web management interface.
  • Monitor the device for unusual traffic patterns or repeated failure logs that might indicate exploitation attempts.

Generated by OpenCVE AI on April 8, 2026 at 19:38 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 08 Apr 2026 20:15:00 +0000

Type Values Removed Values Added
Title Buffer Overflow in D‑Link DI‑8003/DI‑8003G via Wan_Ping Parameter
Weaknesses CWE-120

Wed, 08 Apr 2026 18:45:00 +0000

Type Values Removed Values Added
Description A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 and DI-8003G 19.12.10A1 due to improper handling of the wan_ping parameter in the /wan_ping.asp endpoint.
References

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-04-08T17:47:29.625Z

Reserved: 2025-06-16T00:00:00.000Z

Link: CVE-2025-50669

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-04-08T19:24:17.580

Modified: 2026-04-08T21:26:13.410

Link: CVE-2025-50669

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-08T19:44:31Z

Weaknesses