Description
A vulnerability was found in D-Link DI-8100 16.07.26A1. This affects the function tgfile_htm of the file tgfile.htm of the component CGI Endpoint. The manipulation of the argument fn results in buffer overflow. The attack can be executed remotely. The exploit has been made public and could be used.
Published: 2026-04-28
Score: 9.3 Critical
EPSS: 2.2% Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The D‑Link DI‑8100 router is affected by an unchecked buffer overflow in the tgfile_htm CGI endpoint; the fn parameter is copied into a fixed‑size buffer without bounds checking, producing a classic stack corruption (CWE‑120) and an unsafe memory copy (CWE‑119). This flaw can be triggered remotely by sending a specially crafted HTTP request to tgfile.htm, enabling an attacker to write arbitrary data to memory and execute code with the privileges of the router’s web service. The impact is a complete compromise of the device if successfully exploited.

Affected Systems

Only the DI‑8100 model running firmware 16.07.26A1 is affected; other D‑Link router families or firmware revisions have not been reported as vulnerable.

Risk and Exploitability

The vulnerability has a CVSS score of 9.3, indicating critical severity, and a publicly available exploit demonstrates that exploitation is feasible. The EPSS score of 2% shows a low but non‑zero probability of exploitation, and the issue is not listed in the CISA KEV catalog. Because the attack can be launched from anywhere with network access to the device, the large population of exposed routers increases the risk of compromise.

Generated by OpenCVE AI on June 18, 2026 at 08:39 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest firmware update from D‑Link that fixes the buffer overflow in the tgfile.htm CGI endpoint.
  • If an update is not yet available, block or restrict external access to the router’s administrative CGI interfaces by using network firewalls, ISP block lists, or physically isolating the device from untrusted networks.
  • Place the router on an isolated VLAN or subnet and limit inbound traffic to only essential services, reducing the attack surface.
  • Monitor the router for anomalous HTTP requests to tgfile.htm and block or quarantine IP addresses that attempt to trigger the overflow.

Generated by OpenCVE AI on June 18, 2026 at 08:39 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 30 Apr 2026 13:30:00 +0000

Type Values Removed Values Added
First Time appeared Dlink
Dlink di-8100
Dlink di-8100 Firmware
CPEs cpe:2.3:h:dlink:di-8100:-:*:*:*:*:*:*:*
cpe:2.3:o:dlink:di-8100_firmware:16.07.26a1:*:*:*:*:*:*:*
Vendors & Products Dlink
Dlink di-8100
Dlink di-8100 Firmware

Wed, 29 Apr 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 28 Apr 2026 10:45:00 +0000

Type Values Removed Values Added
First Time appeared D-link
D-link di-8100
Vendors & Products D-link
D-link di-8100

Tue, 28 Apr 2026 09:15:00 +0000

Type Values Removed Values Added
Description A vulnerability was found in D-Link DI-8100 16.07.26A1. This affects the function tgfile_htm of the file tgfile.htm of the component CGI Endpoint. The manipulation of the argument fn results in buffer overflow. The attack can be executed remotely. The exploit has been made public and could be used.
Title D-Link DI-8100 CGI Endpoint tgfile.htm tgfile_htm buffer overflow
Weaknesses CWE-119
CWE-120
References
Metrics cvssV2_0

{'score': 10, 'vector': 'AV:N/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 9.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}


Subscriptions

D-link Di-8100
Dlink Di-8100 Di-8100 Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-04-29T14:21:29.693Z

Reserved: 2026-04-27T17:44:14.172Z

Link: CVE-2026-7248

cve-icon Vulnrichment

Updated: 2026-04-29T14:21:23.911Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-28T09:16:18.280

Modified: 2026-06-17T11:02:04.733

Link: CVE-2026-7248

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-18T08:45:03Z

Weaknesses
  • CWE-119

    Improper Restriction of Operations within the Bounds of a Memory Buffer

  • CWE-120

    Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')