Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-50664

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-08 Apr, 2026 | 00:00
Updated At-22 Apr, 2026 | 15:42
Rejected At-
Credits

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /user_group.asp endpoint. The attacker can exploit this vulnerability by sending a crafted HTTP GET request with parameters name, mem, pri, and attr.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:08 Apr, 2026 | 00:00
Updated At:22 Apr, 2026 | 15:42
Rejected At:
â–¼CVE Numbering Authority (CNA)

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /user_group.asp endpoint. The attacker can exploit this vulnerability by sending a crafted HTTP GET request with parameters name, mem, pri, and attr.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.dlink.com/en/security-bulletin/
N/A
https://github.com/xiaotea/iot-vulnerability-collection/blob/main/README.md
N/A
https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10505
N/A
Hyperlink: https://www.dlink.com/en/security-bulletin/
Resource: N/A
Hyperlink: https://github.com/xiaotea/iot-vulnerability-collection/blob/main/README.md
Resource: N/A
Hyperlink: https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10505
Resource: N/A
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-121CWE-121 Stack-based Buffer Overflow
Type: CWE
CWE ID: CWE-121
Description: CWE-121 Stack-based Buffer Overflow
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:08 Apr, 2026 | 19:24
Updated At:22 Apr, 2026 | 16:16

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /user_group.asp endpoint. The attacker can exploit this vulnerability by sending a crafted HTTP GET request with parameters name, mem, pri, and attr.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CPE Matches
D-Link Corporation
dlink
>>di-8003_firmware>>16.07.26a1
cpe:2.3:o:dlink:di-8003_firmware:16.07.26a1:*:*:*:*:*:*:*
D-Link Corporation
dlink
>>di-8003>>-
cpe:2.3:h:dlink:di-8003:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-121Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-121
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/xiaotea/iot-vulnerability-collection/blob/main/README.mdcve@mitre.org
Third Party Advisory
https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10505cve@mitre.org
N/A
https://www.dlink.com/en/security-bulletin/cve@mitre.org
Vendor Advisory
Hyperlink: https://github.com/xiaotea/iot-vulnerability-collection/blob/main/README.md
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10505
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://www.dlink.com/en/security-bulletin/
Source: cve@mitre.org
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

660Records found
CVE-2025-50661
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.15% / 35.97%
||
7 Day CHG~0.00%
Published-08 Apr, 2026 | 00:00
Updated-22 Apr, 2026 | 16:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of multiple parameters in the /url_rule.asp endpoint. An attacker can exploit this vulnerability by sending a crafted HTTP GET request with parameters name, en, ips, u, time, act, rpri, and log.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-di-8003di-8003_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-50659
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 17.48%
||
7 Day CHG~0.00%
Published-08 Apr, 2026 | 00:00
Updated-22 Apr, 2026 | 16:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the custom_error parameter in the /user.asp endpoint.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-di-8003di-8003_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-50662
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 17.48%
||
7 Day CHG~0.00%
Published-08 Apr, 2026 | 00:00
Updated-22 Apr, 2026 | 16:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /url_group.asp endpoint.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-di-8003di-8003_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-50671
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.15% / 35.02%
||
7 Day CHG~0.00%
Published-08 Apr, 2026 | 00:00
Updated-10 Apr, 2026 | 21:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /xwgl_ref.asp endpoint. An attacker can exploit this vulnerability by sending a crafted HTTP GET request with excessively long strings in parameters name, en, user_id, shibie_name, time, act, log, and rpri.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-di-8003_firmwaredi-8003n/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-50663
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 17.48%
||
7 Day CHG~0.00%
Published-08 Apr, 2026 | 00:00
Updated-22 Apr, 2026 | 16:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /usb_paswd.asp endpoint.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-di-8003di-8003_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-50657
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 17.48%
||
7 Day CHG~0.00%
Published-08 Apr, 2026 | 00:00
Updated-22 Apr, 2026 | 16:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the pid parameter in the /trace.asp endpoint.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-di-8003di-8003_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2024-57440
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.49% / 65.95%
||
7 Day CHG~0.00%
Published-20 Mar, 2025 | 00:00
Updated-20 Jan, 2026 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DSL-3788 revA1 1.01R1B036_EU_EN is vulnerable to Buffer Overflow via the COMM_MAKECustomMsg function of the webproc cgi

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dsl-3788dsl-3788_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-70244
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 14.73%
||
7 Day CHG~0.00%
Published-10 Mar, 2026 | 00:00
Updated-11 Mar, 2026 | 20:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the webPage parameter to goform/formWlanSetup.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-513dir-513_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-60555
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.11% / 28.74%
||
7 Day CHG~0.00%
Published-24 Oct, 2025 | 00:00
Updated-28 Oct, 2025 | 02:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetWizardSelectMode.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-600ldir-600l_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-60571
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.04% / 12.13%
||
7 Day CHG~0.00%
Published-24 Oct, 2025 | 00:00
Updated-28 Oct, 2025 | 02:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR600LAx FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetQoS.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-600ldir-600l_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-60331
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.07% / 20.92%
||
7 Day CHG~0.00%
Published-22 Oct, 2025 | 00:00
Updated-24 Oct, 2025 | 13:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR-823G A1 v1.0.2B05 was discovered to contain a buffer overflow in the FillMacCloneMac parameter in the /EXCU_SHELL endpoint. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-823g_firmwaredir-823gn/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-50655
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 17.48%
||
7 Day CHG~0.00%
Published-08 Apr, 2026 | 00:00
Updated-22 Apr, 2026 | 16:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /thd_group.asp endpoint.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-di-8003di-8003_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-60557
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.11% / 28.74%
||
7 Day CHG~0.00%
Published-24 Oct, 2025 | 00:00
Updated-28 Oct, 2025 | 02:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetEasy_Wizard.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-600ldir-600l_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-50660
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 17.48%
||
7 Day CHG~0.00%
Published-08 Apr, 2026 | 00:00
Updated-22 Apr, 2026 | 16:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /url_member.asp endpoint.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-di-8003di-8003_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-60566
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.19% / 40.96%
||
7 Day CHG~0.00%
Published-24 Oct, 2025 | 00:00
Updated-28 Oct, 2025 | 14:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetMACFilter.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-600ldir-600l_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-60547
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.11% / 28.74%
||
7 Day CHG~0.00%
Published-24 Oct, 2025 | 00:00
Updated-28 Oct, 2025 | 02:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetWAN_Wizard7.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-600ldir-600l_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2026-10270
Matching Score-10
Assigner-VulDB
ShareView Details
Matching Score-10
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.07% / 20.76%
||
7 Day CHG-0.00%
Published-01 Jun, 2026 | 15:30
Updated-03 Jun, 2026 | 20:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DI-7001 MINI API httpd_debug.asp sprintf stack-based overflow

A vulnerability was detected in D-Link DI-7001 MINI up to 19.09.19A1. Impacted is the function sprintf of the file /httpd_debug.asp of the component API. The manipulation of the argument Time results in stack-based buffer overflow. The attack may be performed from remote. The exploit is now public and may be used.

Action-Not Available
Vendor-D-Link Corporation
Product-di-7001mini-8gdi-7001mini-8g_firmwareDI-7001 MINI
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-70238
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.09% / 26.17%
||
7 Day CHG~0.00%
Published-09 Mar, 2026 | 00:00
Updated-11 Mar, 2026 | 20:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWAN_Wizard52.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-513dir-513_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-70247
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.09% / 26.17%
||
7 Day CHG~0.00%
Published-10 Mar, 2026 | 00:00
Updated-11 Mar, 2026 | 16:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWizard1.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-513dir-513_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-70250
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.09% / 26.17%
||
7 Day CHG~0.00%
Published-09 Mar, 2026 | 00:00
Updated-11 Mar, 2026 | 20:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formdumpeasysetup.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-513dir-513_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-70234
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.03% / 10.71%
||
7 Day CHG~0.00%
Published-03 Mar, 2026 | 00:00
Updated-09 Mar, 2026 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetQoS.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-513dir-513_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-70227
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.09% / 26.17%
||
7 Day CHG~0.00%
Published-10 Mar, 2026 | 00:00
Updated-11 Mar, 2026 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the nextPage parameter to goform/formLanguageChange.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-513dir-513_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-70237
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.03% / 10.71%
||
7 Day CHG~0.00%
Published-03 Mar, 2026 | 00:00
Updated-09 Mar, 2026 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetPortTr.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-513dir-513_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-70246
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.09% / 26.17%
||
7 Day CHG~0.00%
Published-10 Mar, 2026 | 00:00
Updated-11 Mar, 2026 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formVirtualServ.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-513dir-513_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-70243
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.09% / 26.17%
||
7 Day CHG~0.00%
Published-09 Mar, 2026 | 00:00
Updated-11 Mar, 2026 | 20:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWAN_Wizard534.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-513dir-513_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-70242
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.01% / 3.08%
||
7 Day CHG~0.00%
Published-10 Mar, 2026 | 00:00
Updated-11 Mar, 2026 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the webPage parameter to goform/formSetWanPPTP.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-513dir-513_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-70245
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.10% / 27.30%
||
7 Day CHG~0.00%
Published-12 Mar, 2026 | 00:00
Updated-13 Mar, 2026 | 19:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWizardSelectMode.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-513_firmwaredir-513n/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-70251
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 14.73%
||
7 Day CHG~0.00%
Published-10 Mar, 2026 | 00:00
Updated-11 Mar, 2026 | 16:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the webPage parameter to goform/formWlanGuestSetup.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-513dir-513_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-70240
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.03% / 10.71%
||
7 Day CHG~0.00%
Published-03 Mar, 2026 | 00:00
Updated-09 Mar, 2026 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWAN_Wizard51.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-513dir-513_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-70249
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.09% / 26.17%
||
7 Day CHG~0.00%
Published-10 Mar, 2026 | 00:00
Updated-11 Mar, 2026 | 16:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWizard2.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-513dir-513_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-70239
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.10% / 27.30%
||
7 Day CHG~0.00%
Published-03 Mar, 2026 | 00:00
Updated-09 Mar, 2026 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWAN_Wizard55.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-513dir-513_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-70241
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.03% / 10.71%
||
7 Day CHG~0.00%
Published-03 Mar, 2026 | 00:00
Updated-09 Mar, 2026 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWANType_Wizard5.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-513dir-513_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-60551
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.11% / 28.74%
||
7 Day CHG~0.00%
Published-24 Oct, 2025 | 00:00
Updated-28 Oct, 2025 | 02:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the next_page parameter in the function formDeviceReboot.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-600ldir-600l_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-60562
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.11% / 28.74%
||
7 Day CHG~0.00%
Published-24 Oct, 2025 | 00:00
Updated-28 Oct, 2025 | 02:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formWlSiteSurvey.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-600ldir-600l_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-60569
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.03% / 8.76%
||
7 Day CHG~0.00%
Published-24 Oct, 2025 | 00:00
Updated-28 Oct, 2025 | 02:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetRoute.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-600ldir-600l_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-60570
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.04% / 12.13%
||
7 Day CHG~0.00%
Published-24 Oct, 2025 | 00:00
Updated-28 Oct, 2025 | 02:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formLogDnsquery.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-600ldir-600l_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-60572
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.04% / 12.13%
||
7 Day CHG~0.00%
Published-24 Oct, 2025 | 00:00
Updated-28 Oct, 2025 | 02:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formAdvNetwork.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-600ldir-600l_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-60561
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.11% / 28.74%
||
7 Day CHG~0.00%
Published-24 Oct, 2025 | 00:00
Updated-28 Oct, 2025 | 02:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetEmail.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-600ldir-600l_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-60549
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.11% / 28.74%
||
7 Day CHG~0.00%
Published-24 Oct, 2025 | 00:00
Updated-28 Oct, 2025 | 02:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formAutoDetecWAN_wizard4.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-600ldir-600l_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-60552
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.11% / 28.74%
||
7 Day CHG~0.00%
Published-24 Oct, 2025 | 00:00
Updated-28 Oct, 2025 | 02:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formTcpipSetup.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-600ldir-600l_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-60565
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.11% / 28.74%
||
7 Day CHG~0.00%
Published-24 Oct, 2025 | 00:00
Updated-28 Oct, 2025 | 02:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSchedule.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-600ldir-600l_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-60550
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.11% / 28.74%
||
7 Day CHG~0.00%
Published-24 Oct, 2025 | 00:00
Updated-28 Oct, 2025 | 02:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formEasySetTimezone.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-600ldir-600l_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-61577
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.10% / 26.57%
||
7 Day CHG~0.00%
Published-09 Oct, 2025 | 00:00
Updated-29 Oct, 2025 | 13:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR-816A2_FWv1.10CNB05 was discovered to contain a stack overflow via the statuscheckpppoeuser parameter in the dir_setWanWifi function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-816dir-816_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-60556
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.11% / 28.74%
||
7 Day CHG~0.00%
Published-24 Oct, 2025 | 00:00
Updated-28 Oct, 2025 | 02:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetWizard1.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-600ldir-600l_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-60563
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.10% / 27.32%
||
7 Day CHG~0.00%
Published-24 Oct, 2025 | 00:00
Updated-27 Oct, 2025 | 17:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetPortTr.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-600ldir-600l_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-60568
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.11% / 28.74%
||
7 Day CHG~0.00%
Published-24 Oct, 2025 | 00:00
Updated-28 Oct, 2025 | 02:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formAdvFirewall.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-600ldir-600l_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-60564
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.10% / 27.32%
||
7 Day CHG~0.00%
Published-24 Oct, 2025 | 00:00
Updated-28 Oct, 2025 | 02:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetLog.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-600ldir-600l_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-60558
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.11% / 28.74%
||
7 Day CHG~0.00%
Published-24 Oct, 2025 | 00:00
Updated-28 Oct, 2025 | 02:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formVirtualServ.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-600ldir-600l_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-5572
Matching Score-10
Assigner-VulDB
ShareView Details
Matching Score-10
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-1.22% / 79.53%
||
7 Day CHG~0.00%
Published-04 Jun, 2025 | 06:00
Updated-06 Jun, 2025 | 18:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DCS-932L setSystemEmail stack-based overflow

A vulnerability was found in D-Link DCS-932L 2.18.01. It has been declared as critical. Affected by this vulnerability is the function setSystemEmail of the file /setSystemEmail. The manipulation of the argument EmailSMTPPortNumber leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Action-Not Available
Vendor-D-Link Corporation
Product-dcs-932ldcs-932l_firmwareDCS-932L
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-60559
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.11% / 28.74%
||
7 Day CHG~0.00%
Published-24 Oct, 2025 | 00:00
Updated-28 Oct, 2025 | 02:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetDomainFilter.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-600ldir-600l_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 13
  • 14
  • Next
Details not found