DI-8003
by Dlink
CVEs (27)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-50673 | Hig | 0.49 | 7.5 | 0.00 | Apr 8, 2026 | A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the http_lanport parameter in the /webgl.asp endpoint. | ||
| CVE-2025-50672 | Hig | 0.49 | 7.5 | 0.00 | Apr 8, 2026 | A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /yyxz_dlink.asp endpoint. | ||
| CVE-2025-50671 | Hig | 0.49 | 7.5 | 0.00 | Apr 8, 2026 | A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /xwgl_ref.asp endpoint. An attacker can exploit this vulnerability by sending a crafted HTTP GET request with excessively long strings in parameters name, en, user_id, shibie_name, time, act, log, and rpri. | ||
| CVE-2025-50670 | Hig | 0.49 | 7.5 | 0.00 | Apr 8, 2026 | A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /xwgl_bwr.asp endpoint. An attacker can exploit this vulnerability by sending a crafted HTTP GET request in the name, qq, and time parameters. | ||
| CVE-2025-50669 | Hig | 0.49 | 7.5 | 0.00 | Apr 8, 2026 | A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 and DI-8003G 19.12.10A1 due to improper handling of the wan_ping parameter in the /wan_ping.asp endpoint. | ||
| CVE-2025-50668 | Hig | 0.49 | 7.5 | 0.00 | Apr 8, 2026 | A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the s parameter in the /web_list_opt.asp endpoint. | ||
| CVE-2025-50667 | Hig | 0.49 | 7.5 | 0.00 | Apr 8, 2026 | A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the iface parameter in the /wan_line_detection.asp endpoint. | ||
| CVE-2025-50666 | Hig | 0.49 | 7.5 | 0.00 | Apr 8, 2026 | A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of multiple parameters in the /web_post.asp endpoint. An attacker can exploit this vulnerability by sending a crafted HTTP GET request in parameters such as name, en, user_id, log, and time. | ||
| CVE-2025-50665 | Hig | 0.49 | 7.5 | 0.00 | Apr 8, 2026 | A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of input parameters in the /web_keyword.asp endpoint. An attacker can exploit this vulnerability by sending a crafted HTTP GET request via the name, en, time, mem_gb2312, and mem_utf8 parameters. | ||
| CVE-2025-50664 | Hig | 0.49 | 7.5 | 0.00 | Apr 8, 2026 | A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /user_group.asp endpoint. The attacker can exploit this vulnerability by sending a crafted HTTP GET request with parameters name, mem, pri, and attr. | ||
| CVE-2025-50663 | Hig | 0.49 | 7.5 | 0.00 | Apr 8, 2026 | A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /usb_paswd.asp endpoint. | ||
| CVE-2025-50662 | Hig | 0.49 | 7.5 | 0.00 | Apr 8, 2026 | A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /url_group.asp endpoint. | ||
| CVE-2025-50661 | Hig | 0.49 | 7.5 | 0.00 | Apr 8, 2026 | A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of multiple parameters in the /url_rule.asp endpoint. An attacker can exploit this vulnerability by sending a crafted HTTP GET request with parameters name, en, ips, u, time, act, rpri, and log. | ||
| CVE-2025-50660 | Hig | 0.49 | 7.5 | 0.00 | Apr 8, 2026 | A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /url_member.asp endpoint. | ||
| CVE-2025-50659 | Hig | 0.49 | 7.5 | 0.00 | Apr 8, 2026 | A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the custom_error parameter in the /user.asp endpoint. | ||
| CVE-2025-50657 | Hig | 0.49 | 7.5 | 0.00 | Apr 8, 2026 | A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the pid parameter in the /trace.asp endpoint. | ||
| CVE-2025-50655 | Hig | 0.49 | 7.5 | 0.00 | Apr 8, 2026 | A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /thd_group.asp endpoint. | ||
| CVE-2025-50654 | Hig | 0.49 | 7.5 | 0.00 | Apr 8, 2026 | A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper validation of the id parameter in the /thd_member.asp endpoint. | ||
| CVE-2025-50653 | Hig | 0.49 | 7.5 | 0.00 | Apr 8, 2026 | A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name and mem parameters in the /time_group.asp endpoint. | ||
| CVE-2025-50652 | Hig | 0.49 | 7.5 | 0.00 | Apr 8, 2026 | An issue in D-Link DI-8003 16.07.26A1 related to improper handling of the id parameter in the /saveparm_usb.asp endpoint. |
- risk 0.49cvss 7.5epss 0.00
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the http_lanport parameter in the /webgl.asp endpoint.
- risk 0.49cvss 7.5epss 0.00
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /yyxz_dlink.asp endpoint.
- risk 0.49cvss 7.5epss 0.00
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /xwgl_ref.asp endpoint. An attacker can exploit this vulnerability by sending a crafted HTTP GET request with excessively long strings in parameters name, en, user_id, shibie_name, time, act, log, and rpri.
- risk 0.49cvss 7.5epss 0.00
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /xwgl_bwr.asp endpoint. An attacker can exploit this vulnerability by sending a crafted HTTP GET request in the name, qq, and time parameters.
- risk 0.49cvss 7.5epss 0.00
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 and DI-8003G 19.12.10A1 due to improper handling of the wan_ping parameter in the /wan_ping.asp endpoint.
- risk 0.49cvss 7.5epss 0.00
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the s parameter in the /web_list_opt.asp endpoint.
- risk 0.49cvss 7.5epss 0.00
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the iface parameter in the /wan_line_detection.asp endpoint.
- risk 0.49cvss 7.5epss 0.00
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of multiple parameters in the /web_post.asp endpoint. An attacker can exploit this vulnerability by sending a crafted HTTP GET request in parameters such as name, en, user_id, log, and time.
- risk 0.49cvss 7.5epss 0.00
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of input parameters in the /web_keyword.asp endpoint. An attacker can exploit this vulnerability by sending a crafted HTTP GET request via the name, en, time, mem_gb2312, and mem_utf8 parameters.
- risk 0.49cvss 7.5epss 0.00
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /user_group.asp endpoint. The attacker can exploit this vulnerability by sending a crafted HTTP GET request with parameters name, mem, pri, and attr.
- risk 0.49cvss 7.5epss 0.00
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /usb_paswd.asp endpoint.
- risk 0.49cvss 7.5epss 0.00
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /url_group.asp endpoint.
- risk 0.49cvss 7.5epss 0.00
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of multiple parameters in the /url_rule.asp endpoint. An attacker can exploit this vulnerability by sending a crafted HTTP GET request with parameters name, en, ips, u, time, act, rpri, and log.
- risk 0.49cvss 7.5epss 0.00
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /url_member.asp endpoint.
- risk 0.49cvss 7.5epss 0.00
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the custom_error parameter in the /user.asp endpoint.
- risk 0.49cvss 7.5epss 0.00
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the pid parameter in the /trace.asp endpoint.
- risk 0.49cvss 7.5epss 0.00
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /thd_group.asp endpoint.
- risk 0.49cvss 7.5epss 0.00
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper validation of the id parameter in the /thd_member.asp endpoint.
- risk 0.49cvss 7.5epss 0.00
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name and mem parameters in the /time_group.asp endpoint.
- risk 0.49cvss 7.5epss 0.00
An issue in D-Link DI-8003 16.07.26A1 related to improper handling of the id parameter in the /saveparm_usb.asp endpoint.
Page 1 of 2