A buffer overflow occurs in the http_lanport parameter that is processed by the /webgl.asp endpoint on the D-Link DI-8003 device. The vulnerability arises from improper handling of input data, leading to a memory overwrite that could allow a malicious actor to execute arbitrary code. The impact is severe as it permits attackers to gain full control of the device and, if the device is a critical network gateway, to compromise the network it serves.

The disclosed risk applies to D-Link DI-8003 routers running firmware version 16.07.26A1. No other product versions or variants are confirmed to be affected, but the issue may exist in other firmware releases that share the same code path.

No CVSS or EPSS metrics are provided, yet a buffer overflow indicates a high severity potential for exploitation. An attacker would need access to the router’s web interface, either from the local network or via a publicly exposed management console. The absence of a public exploit or patch does not reduce the inherent risk associated with memory corruption, so the vulnerability remains a critical threat if the device is exposed to untrusted traffic.