Description
D-Link DI-8003 v16.07.26A1, DI-8500 v16.07.26A1; DI-8003G v17.12.21A1, DI-8200G v17.12.20A1, DI-8200 v16.07.26A1, DI-8400 v16.07.26A1, DI-8004w v16.07.26A1, DI-8100 v16.07.26A1, and DI-8100G v17.12.20A1 were discovered to contain a buffer overflow via the rd_en, rd_auth, rd_acct, http_hadmin, http_hadminpwd, rd_key, and rd_ip parameters in the radius_asp function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
Published: 2026-04-08
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Immediate Patch
AI Analysis

Impact

A buffer overflow flaw has been found in the radius_asp function of several D‑Link DI‑series routers. By supplying specially crafted values for the parameters rd_en, rd_auth, rd_acct, http_hadmin, http_hadminpwd, rd_key, or rd_ip, an attacker can overflow a buffer and crash the web service, resulting in a loss of availability. The weakness is a classic buffer overrun classified under CWE‑119.

Affected Systems

The affected devices include D‑Link DI‑8003, DI‑8500, DI‑8003G, DI‑8200G, DI‑8200, DI‑8400, DI‑8004w, DI‑8100, and DI‑8100G routers. The firmware versions listed are v16.07.26A1, v17.12.21A1, and v17.12.20A1.

Risk and Exploitability

The vulnerability allows an attacker to cause a denial of service by sending a crafted HTTP request to the device’s web interface. The description mentions the parameters explicitly, so it is inferred that the attack can be performed remotely from the network and no prior authentication is required. No CVSS or EPSS score is provided, but the nature of the flaw suggests a reasonable likelihood of successful exploitation for an attacker who can reach the device. The issue is not listed in the CISA KEV catalog.

Generated by OpenCVE AI on April 8, 2026 at 19:05 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest firmware released by D‑Link that addresses the radius_asp buffer overflow.
  • If an update is not yet available, isolate the device on a separate network segment or restrict access to the HTTP interface with firewall rules.
  • Disable or restrict the RADIUS parameters (rd_en, rd_auth, etc.) if they are not needed for network operation.
  • Monitor device logs for repeated or malformed requests to the radius_asp endpoint to detect abuse attempts.

Advisories

No advisories yet.

History

Fri, 10 Apr 2026 16:15:00 +0000

Type | Values Removed | Values Added
Weaknesses | | CWE-120
Metrics | | cvssV3_1: {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}; ssvc: {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 09 Apr 2026 08:30:00 +0000

Type | Values Removed | Values Added
First Time appeared | | D-link; D-link di-8003; D-link di-8003g; D-link di-8004w; D-link di-8100; D-link di-8100g; D-link di-8200; D-link di-8200g; D-link di-8400; D-link di-8500
Vendors & Products | | D-link; D-link di-8003; D-link di-8003g; D-link di-8004w; D-link di-8100; D-link di-8100g; D-link di-8200; D-link di-8200g; D-link di-8400; D-link di-8500

Wed, 08 Apr 2026 20:15:00 +0000

Type | Values Removed | Values Added
Title | | Buffer Overflow in D‑Link DI‑Series Firmware Causes Denial of Service
Weaknesses | | CWE-119

Wed, 08 Apr 2026 17:45:00 +0000

Type Values Removed Values Added
Description D-Link DI-8003 v16.07.26A1, DI-8500 v16.07.26A1; DI-8003G v17.12.21A1, DI-8200G v17.12.20A1, DI-8200 v16.07.26A1, DI-8400 v16.07.26A1, DI-8004w v16.07.26A1, DI-8100 v16.07.26A1, and DI-8100G v17.12.20A1 were discovered to contain a buffer overflow via the rd_en, rd_auth, rd_acct, http_hadmin, http_hadminpwd, rd_key, and rd_ip parameters in the radius_asp function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
References

MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-04-10T15:42:31.084Z

Reserved: 2025-06-16T00:00:00.000Z

Link: CVE-2025-52222

Vulnrichment

Updated: 2026-04-10T13:10:54.504Z

NVD

Status: Undergoing Analysis

Published: 2026-04-08T18:24:51.373

Modified: 2026-04-10T16:16:30.090

Link: CVE-2025-52222

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-09T08:22:51Z

Weaknesses