VYPR
High severity (8.8) · NVD Advisory · Published Jun 1, 2026 · Updated Jun 1, 2026

CVE-2026-10270

Description

A stack-based buffer overflow in the D-Link DI-7001MINI-8G httpd_debug.asp endpoint allows remote attackers to cause a denial of service or execute arbitrary commands.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

The D-Link DI-7001MINI-8G, in firmware versions up to 19.09.19A1, contains a stack-based buffer overflow vulnerability in the httpd_debug.asp component. The flaw lies in a call to sprintf that processes the Time parameter provided in HTTP POST requests. Because the application performs no length validation on this user-controlled input before concatenating it into a fixed-size buffer, stack memory can be corrupted [2].

Exploitation

An attacker can exploit this vulnerability remotely by sending a specially crafted HTTP POST request to the /httpd_debug.asp endpoint. The request must include an overly long time parameter designed to exceed the buffer's capacity. Publicly available proof-of-concept code demonstrates that providing an excessively long string as the time value triggers the overflow [2], [3].

Impact

Successful exploitation of this vulnerability allows a remote attacker to trigger a denial of service (DoS) condition by crashing the service. Furthermore, under certain conditions, the overflow may be leveraged to achieve arbitrary command execution on the affected device, potentially leading to a full compromise of the system [2].

Mitigation

Not yet disclosed in the available references. Users are advised to monitor D-Link support channels for firmware updates that address this vulnerability [2].

AI Insight generated on Jun 1, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

1

Patches

0

No patches discovered yet.

Vulnerability mechanics

Root cause

"The application uses the unsafe sprintf function to process user-supplied input without performing length validation, leading to a stack-based buffer overflow."

Attack vector

An attacker can trigger this vulnerability by sending a specially crafted HTTP POST request to the /httpd_debug.asp endpoint [ref_id=1]. The request must include an overly long value for the 'time' parameter, which is then processed by the vulnerable sprintf call [ref_id=1]. This remote attack can result in a denial of service or potential arbitrary command execution [ref_id=1].

Affected code

The vulnerability is located in the handler for /httpd_debug.asp [ref_id=1]. Specifically, the issue arises in a call to sprintf in which the user-controlled 'time' parameter is concatenated into a command string without length checks [ref_id=1].

What the fix does

No patch is currently available for this vulnerability. Remediation requires implementing strict length validation on the 'time' parameter before it is passed to any string formatting functions. Developers should replace unsafe functions like sprintf with safer alternatives that enforce buffer boundaries, such as snprintf.
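A sketch of the remediation described above, added here as an example and not taken from D-Link firmware or the cited references. The buffer size, the `date -s` command template, the accepted time format and the function names are assumptions; the character allowlist goes beyond the length check the advisory names, and is included because the value ends up in a command string.

```c
#include <stdio.h>
#include <string.h>

#define CMD_BUF_SIZE 64  /* assumed; the firmware's real buffer size is not given */
#define TIME_MAX_LEN 19  /* assumed format "YYYY-MM-DD HH:MM:SS" */
#define CMD_FMT "date -s \"%s\""  /* hypothetical command template */

/* Pattern the advisory describes, shown for contrast and never called here:
 * sprintf copies however many bytes the request supplies into a fixed buffer. */
void build_cmd_unsafe(const char *time_param) {
    char cmd[CMD_BUF_SIZE];
    sprintf(cmd, CMD_FMT, time_param);  /* no bound: can write past the end of cmd */
}

/* Hardened form: validate first, then format with an explicit bound.
 * Returns 0 on success, -1 if the value is rejected. */
int build_cmd_safe(const char *time_param, char *cmd, size_t cmd_size) {
    size_t len = 0;
    if (time_param == NULL || cmd == NULL || cmd_size == 0) return -1;
    cmd[0] = '\0';
    for (; time_param[len] != '\0'; len++) {
        char c = time_param[len];
        if (len >= TIME_MAX_LEN) return -1;           /* length validation */
        if (!((c >= '0' && c <= '9') || c == '-' || c == ':' || c == ' '))
            return -1;                                /* allowlist (added assumption) */
    }
    if (len == 0) return -1;
    int n = snprintf(cmd, cmd_size, CMD_FMT, time_param);
    if (n < 0 || (size_t)n >= cmd_size) {             /* truncated output is a failure */
        cmd[0] = '\0';
        return -1;
    }
    return 0;
}

int main(void) {
    char cmd[CMD_BUF_SIZE], oversized[512];
    memset(oversized, '1', sizeof oversized - 1);     /* constructed over-long value */
    oversized[sizeof oversized - 1] = '\0';
    printf("valid: %d\n", build_cmd_safe("2026-06-01 12:00:00", cmd, sizeof cmd));
    printf("oversized: %d\n", build_cmd_safe(oversized, cmd, sizeof cmd));
    return 0;
}
```

Checking the snprintf return value matters as much as the bound itself: a silently truncated command string is still attacker-shaped input.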

Preconditions

  • network: The attacker must have network access to the D-Link DI-7001MINI-8G device.
  • auth: The device must be accessible, and the attacker may need valid credentials to reach the vulnerable endpoint depending on the device's authentication configuration.

Reproduction

To reproduce the vulnerability, send a crafted HTTP POST request to the /httpd_debug.asp endpoint with an excessively long 'time' parameter value [ref_id=1]. An example payload is provided in the public exploit reference: POST /httpd_debug.asp HTTP/1.1 with a 'time' parameter containing a large sequence of characters [ref_id=1].

Generated on Jun 1, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

6
