CVE-2025-51281
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-08-25
Last updated on: 2025-10-01
Assigner: MITRE
Description
Description
D-Link DI-8100 16.07.26A1 is vulnerable to Buffer Overflow via the en`, `val and id parameters in the qj_asp function. This vulnerability allows authenticated attackers to cause a Denial of Service (DoS) by sending crafted GET requests with overly long values for these parameters.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dlink | di-8100_firmware | 16.07.26a1 |
| dlink | di-8100 | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a buffer overflow in the D-Link DI-8100 firmware version 16.07.26A1. It occurs via the 'en', 'val', and 'id' parameters in the qj_asp function. Authenticated attackers can exploit this by sending crafted GET requests with overly long values for these parameters, causing the device to crash or become unresponsive.
How can this vulnerability impact me? :
The vulnerability can lead to a Denial of Service (DoS) condition, meaning the affected device can crash or become unresponsive, disrupting network services and potentially causing downtime.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70