| Titel | D-Link DI-8100 16.07.26A1 Denial of Service |
|---|
| Beschreibung | A critical stack-based buffer overflow vulnerability exists in the file_exten.asp CGI script of the DI-8100 router firmware. The vulnerability is triggered when processing the name parameter with an overly long string during file extension configuration operations (opt=add or opt=mod). An authenticated attacker can exploit this flaw to execute arbitrary code on the underlying system, potentially leading to complete device compromise, denial of service, or lateral movement within the network. |
|---|
| Quelle | ⚠️ https://github.com/draw-ctf/report/blob/main/DI-8100/file_exten_asp_overflow.md |
|---|
| Benutzer | draw (UID 64399) |
|---|
| Einreichung | 11.04.2026 17:00 (vor 2 Monaten) |
|---|
| Moderieren | 27.04.2026 19:44 (16 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 359856 [D-Link DI-8100 16.07.26A1 File Extension file_exten.asp file_exten_asp Name Pufferüberlauf] |
|---|
| Punkte | 20 |
|---|