Description
A vulnerability was found in D-Link DI-8100 16.07.26A1. This affects the function tgfile_htm of the file tgfile.htm of the component CGI Endpoint. The manipulation of the argument fn results in buffer overflow. The attack can be executed remotely. The exploit has been made public and could be used.
Published: 2026-04-28
Score: 9.3 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

The D‑Link DI‑8100 router is affected by a buffer overflow in the tgfile_htm CGI endpoint; the fn parameter can overflow a fixed‑size buffer, potentially corrupting adjacent memory and allowing an attacker to execute arbitrary code on the device. The flaw is triggered remotely by sending specially crafted HTTP requests to the CGI endpoint, which can lead to a complete compromise of the router if successfully exploited.

Affected Systems

The vulnerability exists only in the D‑Link DI‑8100 router running firmware 16.07.26A1; no other firmware versions or D‑Link product families are listed as affected.

Risk and Exploitability

The CVSS score of 9.3 indicates critical severity, and publicly available exploit code demonstrates feasibility of exploitation. EPSS data is not available, and the vulnerability is not listed in the CISA KEV catalog; the remote nature of the attack increases the population of exposed devices that could be targeted.

Generated by OpenCVE AI on April 28, 2026 at 19:25 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the vendor’s firmware update that addresses the buffer overflow in tgfile_htm once one is released
  • If a patch is not immediately available, restrict access to the router’s administrative ports by configuring network firewalls or ISP block lists
  • Implement network isolation by placing the router in a separate VLAN and limiting inbound traffic to essential services
  • Monitor device logs for anomalous CGI requests and block IPs that trigger buffer overflow patterns

Advisories

No advisories yet.

History

Tue, 28 Apr 2026 10:45:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| First Time appeared | | D-link, D-link di-8100 |
| Vendors & Products | | D-link, D-link di-8100 |

Tue, 28 Apr 2026 09:15:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| Description | | A vulnerability was found in D-Link DI-8100 16.07.26A1. This affects the function tgfile_htm of the file tgfile.htm of the component CGI Endpoint. The manipulation of the argument fn results in buffer overflow. The attack can be executed remotely. The exploit has been made public and could be used. |
| Title | | D-Link DI-8100 CGI Endpoint tgfile.htm tgfile_htm buffer overflow |
| Weaknesses | | CWE-119, CWE-120 |
| References | | |
| Metrics | | cvssV2_0: {'score': 10, 'vector': 'AV:N/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'} |
| | | cvssV3_0: {'score': 9.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'} |
| | | cvssV3_1: {'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'} |
| | | cvssV4_0: {'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'} |


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-04-28T08:45:12.356Z

Reserved: 2026-04-27T17:44:14.172Z

Link: CVE-2026-7248

Vulnrichment

No data.

NVD

Status: Awaiting Analysis

Published: 2026-04-28T09:16:18.280

Modified: 2026-04-28T20:25:44.987

Link: CVE-2026-7248

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-28T19:30:27Z

Weaknesses