CVE-2026-10270
Stack-Based Buffer Overflow in D-Link DI-7001 MINI
Publication date: 2026-06-01
Last updated on: 2026-06-01
Assigner: VulDB
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| d-link | di-7001mini | up to 19.09.19A1 (inclusive) |
| d-link | di-7001_mini | up to 19.09.19A1 (inclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
AI Powered Q&A
How can this vulnerability impact me?
Exploitation of this vulnerability can lead to a denial of service (DoS), causing the device to crash or become unresponsive.
In some cases, it may allow an attacker to execute arbitrary commands on the device, potentially leading to full compromise.
Can you explain this vulnerability to me?
This vulnerability is a stack-based buffer overflow in the D-Link DI-7001 MINI device, specifically in the sprintf function within the /httpd_debug.asp file of the device's API component.
The issue arises because the 'time' argument is not properly validated before being used in sprintf, allowing an attacker to send a specially crafted, excessively long input that overflows the buffer.
This overflow can be triggered remotely via HTTP POST requests to the httpd_debug.asp endpoint.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring HTTP POST requests to the /httpd_debug.asp endpoint on the D-Link DI-7001 MINI device. Specifically, look for requests containing an excessively long or malformed 'time' parameter, which may indicate an attempt to exploit the buffer overflow.
A practical approach is to capture network traffic and filter for POST requests targeting /httpd_debug.asp with suspiciously large 'time' parameter values.
- Use tcpdump or Wireshark to capture and analyze traffic: `tcpdump -i <interface> -A -s 0 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)'`. This filter prints every port-80 packet that carries a payload, so look for `POST /httpd_debug.asp` in the output.
- Use grep or similar tools on web server logs to find POST requests to /httpd_debug.asp with 'time' parameters exceeding normal length.
- Example command to search logs: `grep 'POST /httpd_debug.asp' /var/log/httpd/access.log | grep 'time='`
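The length check described above can be automated over requests reassembled from a capture or taken from a proxy. The following is an added example, not code from the vendor or the advisory; the 64-byte threshold, the function names and the sample requests are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qsl

ENDPOINT = "/httpd_debug.asp"  # endpoint named in the advisory
MAX_TIME_LEN = 64              # assumed threshold; tune to legitimate traffic

def time_values(raw_request: bytes):
    """Return decoded 'time' values from the query string and form body."""
    head, _, body = raw_request.partition(b"\r\n\r\n")
    parts = head.split(b"\r\n", 1)[0].decode("latin-1").split(" ")
    if len(parts) < 2 or parts[0].upper() != "POST":
        return []
    url = urlsplit(parts[1])
    # Path compared case-insensitively (assumption: over-matching is harmless).
    if url.path.lower() != ENDPOINT:
        return []
    # latin-1 maps each percent-decoded byte to one character, so len()
    # of a value is the byte count the device would copy.
    pairs = parse_qsl(url.query, keep_blank_values=True, encoding="latin-1")
    pairs += parse_qsl(body.decode("latin-1"), keep_blank_values=True,
                       encoding="latin-1")
    return [value for key, value in pairs if key == "time"]

def is_suspicious(raw_request: bytes, limit: int = MAX_TIME_LEN) -> bool:
    """True when any 'time' value is longer than the allowed limit."""
    return any(len(value) > limit for value in time_values(raw_request))

def build(path: str, body: str) -> bytes:
    """Build a constructed sample request (not captured traffic)."""
    return (f"POST {path} HTTP/1.1\r\nHost: 192.0.2.1\r\n"
            "Content-Type: application/x-www-form-urlencoded\r\n"
            f"Content-Length: {len(body)}\r\n\r\n{body}").encode("latin-1")

# Constructed samples: one normal request and three edge cases.
SAMPLES = {
    "normal": build(ENDPOINT, "time=1717200000"),
    "long": build(ENDPOINT, "time=" + "A" * 300),
    "encoded": build(ENDPOINT, "time=" + "%41" * 100),
    "other_path": build("/index.asp", "time=" + "A" * 300),
}

def scan(samples):
    """Return the names of the samples that trip the length check."""
    return sorted(name for name, raw in samples.items() if is_suspicious(raw))

if __name__ == "__main__":
    print(scan(SAMPLES))
```

Access logs usually do not record POST bodies, so a check like this needs the full request, for example from a packet capture or a reverse proxy placed in front of the device.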
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the vulnerable endpoint /httpd_debug.asp to trusted networks only, such as by using firewall rules or access control lists.
Additionally, monitor and block suspicious HTTP POST requests with unusually long 'time' parameters to prevent exploitation attempts.
If possible, update the device firmware to a version later than 19.09.19A1 where the vulnerability is fixed.
Until a patch is applied, consider disabling the debug interface or the vulnerable API endpoint if the device configuration allows.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability in the D-Link DI-7001 MINI device allows remote attackers to cause a stack-based buffer overflow, potentially leading to denial of service or arbitrary command execution.
Such security flaws can impact compliance with standards like GDPR and HIPAA because they may lead to unauthorized access, data breaches, or service disruptions, which violate requirements for data protection, integrity, and availability.
However, the provided information does not explicitly detail the direct effects on compliance with these regulations.