{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2025-50647", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-04-22T15:28:02.067Z", "dateReserved": "2025-06-16T00:00:00.000Z", "datePublished": "2026-04-08T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-22T15:28:02.067Z"}, "descriptions": [{"lang": "en", "value": "A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1, specifically in the handling of the wans parameter in the qos.asp endpoint."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://www.dlink.com/en/security-bulletin/"}, {"url": "https://github.com/xiaotea/iot-vulnerability-collection/blob/main/README.md"}, {"url": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10505"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-120", "lang": "en", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-04-10T13:14:08.908789Z", "id": "CVE-2025-50647", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-10T15:42:03.597Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-50647", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-10T13:14:08.908789Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-120", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-10T13:14:31.498Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://www.dlink.com/en/security-bulletin/"}, {"url": "https://github.com/xiaotea/iot-vulnerability-collection/blob/main/README.md"}, {"url": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10505"}], "descriptions": [{"lang": "en", "value": "A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1, specifically in the handling of the wans parameter in the qos.asp endpoint."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-22T15:28:02.067Z"}}}, "cveMetadata": {"cveId": "CVE-2025-50647", "state": "PUBLISHED", "dateUpdated": "2026-04-22T15:28:02.067Z", "dateReserved": "2025-06-16T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-04-08T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:di-8003_firmware:16.07.26a1:*:*:*:*:*:*:*", "matchCriteriaId": "FA25536C-1B96-4611-BF35-A0AD24747929", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:di-8003:-:*:*:*:*:*:*:*", "matchCriteriaId": "E6644787-50D7-4190-A2E3-DD54F43AE38C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1, specifically in the handling of the wans parameter in the qos.asp endpoint."}], "id": "CVE-2025-50647", "lastModified": "2026-04-22T16:16:49.330", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-04-08T19:24:15.460", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/xiaotea/iot-vulnerability-collection/blob/main/README.md"}, {"source": "cve@mitre.org", "url": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10505"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.dlink.com/en/security-bulletin/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "16.07.26A1"}}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "di-8003", "vendor": "dlink"}], "analysis": {"en": {"generated_at": "2026-04-13T16:52:58.831011+00:00", "value": {"mitigation_remediation": ["Check the D\u2011Link security bulletin for an available firmware update that resolves this issue; if a patch is published, install it promptly.", "If no updated firmware is available, block or disable the qos.asp endpoint or QoS functionality through firewall rules or by turning off QoS in the router settings.", "Restrict access to the router\u2019s web management interface to trusted IP ranges or internal networks only.", "Ensure the device\u2019s administrative password has been changed from any default value and is strong.", "Monitor the router\u2019s logs for anomalous access attempts to the web interface or unusual changes to QoS settings."], "summary": {"action": "Apply Update", "impact": "Buffer Overflow via Web Interface"}, "threat_synthesis": {"affected_systems": "The issue specifically targets the D\u2011Link DI\u20118003 model with firmware version 16.07.26A1. No other firmware releases are mentioned in the CVE data, so the impact on earlier or later releases is unknown.", "description_and_impact": "A buffer overflow flaw exists in the QoS configuration page (qos.asp) of D\u2011Link DI\u20118003 routers running firmware 16.07.26A1, where the \"wans\" parameter is processed without proper bounds checking. The overflow can corrupt memory and may result in a denial of service or, in the worst case, allow an attacker to execute arbitrary code on the device. The weakness is classified as a classic buffer overrun (CWE\u2011120).", "risk_and_exploitability": "The CVSS score of 7.5 indicates a high severity impact, while the EPSS score of less than 1% suggests a low probability of exploitation. The vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog. The likely attack vector, based on the description, involves accessing the router\u2019s web management interface at the qos.asp endpoint, which may require administrative credentials or the exploitation of weak or default passwords. The overall risk is moderate to high for routers that expose their management interface to untrusted networks."}}}}, "created": "2026-04-08T20:02:24.585169+00:00", "title": "Buffer Overflow in D-Link DI-8003 QoS Web Interface", "updated": "2026-04-14T16:40:36.756516+00:00", "vendors": ["dlink", "dlink$PRODUCT$di-8003"]}