Critical severity9.8NVD Advisory· Published May 5, 2026· Updated May 6, 2026

CVE-2026-7853

Description

A weakness has been identified in D-Link DI-8100 16.07.26A1. Affected is the function sprintf of the file /auto_reboot.asp of the component HTTP Handler. This manipulation of the argument enable/time causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks.

Affected products

Draw Ctf/Reportreferences
Dlink/Di 8100 Firmware
cpe:2.3:o:dlink:di-8100_firmware:16.07.26a1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/draw-ctf/report/blob/main/DI-8100/auto_reboot_asp_overflow.mdnvdExploitThird Party Advisory
vuldb.com/submit/807837nvdThird Party AdvisoryVDB Entry
vuldb.com/vuln/361130nvdThird Party AdvisoryVDB Entry
vuldb.com/vuln/361130/ctinvdPermissions RequiredVDB Entry
www.dlink.comnvdProduct

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000