| Title | D-Link DI-8100 16.07.26A1 Denial of Service |
|---|
| Description | The DI-8100 router web management interface contains a stack-based buffer overflow vulnerability in the /url_member.asp endpoint. An authenticated attacker can supply an overly long string to the name parameter when performing an add operation. This input is copied into a fixed-size stack buffer without proper length validation, leading to memory corruption, process crash, and potential remote code execution. |
|---|
| Source | ⚠️ https://github.com/draw-ctf/report/blob/main/DI-8100/url_member_asp_overflow.md |
|---|
| User | draw (UID 64399) |
|---|
| Submission | 04/19/2026 16:27 (3 months ago) |
|---|
| Moderation | 05/05/2026 13:41 (16 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 361133 [D-Link DI-8100 16.07.26A1 Web Management Interface /url_member.asp Name buffer overflow] |
|---|
| Points | 20 |
|---|