{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2025-50660", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-04-22T15:38:12.332Z", "dateReserved": "2025-06-16T00:00:00.000Z", "datePublished": "2026-04-08T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-22T15:38:12.332Z"}, "descriptions": [{"lang": "en", "value": "A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /url_member.asp endpoint."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://www.dlink.com/en/security-bulletin/"}, {"url": "https://github.com/xiaotea/iot-vulnerability-collection/blob/main/README.md"}, {"url": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10505"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-121", "lang": "en", "description": "CWE-121 Stack-based Buffer Overflow"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-04-10T17:43:25.992470Z", "id": "CVE-2025-50660", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-10T17:43:58.901Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-50660", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-10T17:43:25.992470Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-121", "description": "CWE-121 Stack-based Buffer Overflow"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-10T17:43:54.077Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://www.dlink.com/en/security-bulletin/"}, {"url": "https://github.com/xiaotea/iot-vulnerability-collection/blob/main/README.md"}, {"url": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10505"}], "descriptions": [{"lang": "en", "value": "A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /url_member.asp endpoint."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-22T15:38:12.332Z"}}}, "cveMetadata": {"cveId": "CVE-2025-50660", "state": "PUBLISHED", "dateUpdated": "2026-04-22T15:38:12.332Z", "dateReserved": "2025-06-16T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-04-08T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:di-8003_firmware:16.07.26a1:*:*:*:*:*:*:*", "matchCriteriaId": "FA25536C-1B96-4611-BF35-A0AD24747929", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:di-8003:-:*:*:*:*:*:*:*", "matchCriteriaId": "E6644787-50D7-4190-A2E3-DD54F43AE38C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /url_member.asp endpoint."}], "id": "CVE-2025-50660", "lastModified": "2026-04-22T16:16:50.887", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-04-08T19:24:16.583", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/xiaotea/iot-vulnerability-collection/blob/main/README.md"}, {"source": "cve@mitre.org", "url": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10505"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.dlink.com/en/security-bulletin/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-121"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[16.07.26A1,16.07.26A1]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "di-8003", "vendor": "d-link"}], "analysis": {"en": {"generated_at": "2026-04-13T15:23:52.632416+00:00", "value": {"mitigation_remediation": ["Apply the latest D\u2011Link firmware update that resolves the buffer overflow issue", "If an immediate firmware update is not available, restrict external access to the /url_member.asp endpoint by disabling remote management or configuring firewall rules to block traffic to the device from untrusted networks", "Monitor device logs for unexpected restarts or suspicious activity, and enable any available intrusion detection or firmware integrity checks"], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "Affected devices are D\u2011Link\u2019s DI\u20118003 wireless routers running firmware 16.07.26A1. The vulnerability is exposed through the web\u2011based configuration interface and applies only to that specific firmware build, as identified by the CPE entries for the device (h:dlink:di-8003) and the firmware (o:dlink:di-8003_firmware:16.07.26a1).", "description_and_impact": "The vulnerability is a classic stack-based buffer overflow in the D\u2011Link DI\u20118003 router firmware version 16.07.26a1. The flaw arises when the device parses the name parameter sent to the /url_member.asp endpoint without proper bounds checking. Because the super\u2011user HTTP interface is reachable over the network, an unauthenticated attacker could supply an oversized payload that overwrites return addresses, potentially allowing them to inject and execute arbitrary code and gain full control of the device.", "risk_and_exploitability": "The CVSS score of 7.5 indicates a high severity, but the EPSS value of less than 1% suggests a low probability that attackers have already exploited this flaw in the wild, and it is not listed in the CISA KEV catalog. Nonetheless, because the flaw is accessible via the publicly reachable configuration portal, it represents a significant risk if the device is exposed on the internet. Attackers need no special privileges beyond reaching the device over HTTP, but exploitation requires knowledge of the vulnerable endpoint and the ability to construct the overflow payload."}}}}, "created": "2026-04-09T08:22:37.484773+00:00", "title": "Buffer Overflow in D-Link DI-8003 16.07.26A1 /url_member.asp Endpoint", "updated": "2026-04-14T16:40:28.262895+00:00", "vendors": ["d-link", "d-link$PRODUCT$di-8003"]}