| Title | D-Link DI-8100 16.07.26A1 Denial of Service |
|---|
| Description | A stack-based buffer overflow vulnerability exists in the web management interface of D-Link DI-8100 devices running firmware version 16.07.26A1.The vulnerability resides in the CGI handler responsible for processing the /user_group.asp endpoint (specifically within the function located at offset 0x0046ecec in the binary [email protected]). An authenticated attacker can overflow the buffer, corrupting the stack. This results in a Denial of Service (DoS) condition causing the HTTP service to crash. |
|---|
| Source | ⚠️ https://github.com/draw-ctf/report/blob/main/DI-8100/user_group_asp_overflow.md |
|---|
| User | draw (UID 64399) |
|---|
| Submission | 04/19/2026 16:51 (3 months ago) |
|---|
| Moderation | 05/05/2026 13:41 (16 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 361134 [D-Link DI-8100 16.07.26A1 CGI /user_group.asp sprintf buffer overflow] |
|---|
| Points | 20 |
|---|