cbcvebase.

Dlink Di-8003 Firmware vulnerabilities

34 known vulnerabilities affecting dlink/di-8003_firmware.

Total CVEs
34
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH29MEDIUM4

Vulnerabilities

Page 2 of 2
CVE-2025-50663HIGHCVSS 7.5v16.07.26a12026-04-08
CVE-2025-50663 [HIGH] CWE-121 CVE-2025-50663: A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /usb_paswd.asp endpoint.
nvd
CVE-2025-50665HIGHCVSS 7.5v16.07.26a12026-04-08
CVE-2025-50665 [HIGH] CWE-120 CVE-2025-50665: A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of inpu A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of input parameters in the /web_keyword.asp endpoint. An attacker can exploit this vulnerability by sending a crafted HTTP GET request via the name, en, time, mem_gb2312, and mem_utf8 parameters.
nvd
CVE-2025-50672HIGHCVSS 7.5v16.07.26a12026-04-08
CVE-2025-50672 [HIGH] CWE-120 CVE-2025-50672: A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of para A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /yyxz_dlink.asp endpoint.
nvd
CVE-2025-50666HIGHCVSS 7.5v16.07.26a12026-04-08
CVE-2025-50666 [HIGH] CWE-120 CVE-2025-50666: A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of mult A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of multiple parameters in the /web_post.asp endpoint. An attacker can exploit this vulnerability by sending a crafted HTTP GET request in parameters such as name, en, user_id, log, and time.
nvd
CVE-2025-50669HIGHCVSS 7.5v16.07.26a12026-04-08
CVE-2025-50669 [HIGH] CWE-120 CVE-2025-50669: A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 and DI-8003G 19.12.10A1 due to i A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 and DI-8003G 19.12.10A1 due to improper handling of the wan_ping parameter in the /wan_ping.asp endpoint.
nvd
CVE-2025-50654HIGHCVSS 7.5v16.07.26a12026-04-08
CVE-2025-50654 [HIGH] CWE-120 CVE-2025-50654: A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper validation of th A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper validation of the id parameter in the /thd_member.asp endpoint.
nvd
CVE-2025-50671HIGHCVSS 7.5v16.07.26a12026-04-08
CVE-2025-50671 [HIGH] CWE-121 CVE-2025-50671: A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of para A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /xwgl_ref.asp endpoint. An attacker can exploit this vulnerability by sending a crafted HTTP GET request with excessively long strings in parameters name, en, user_id, shibie_name, time, act, log, and rpri.
nvd
CVE-2024-52755MEDIUMCVSS 4.9v16.07.16a12024-11-21
CVE-2024-52755 [MEDIUM] CWE-787 CVE-2024-52755: D-LINK DI-8003 v16.07.26A1 was discovered to contain a buffer overflow via the host_ip parameter in D-LINK DI-8003 v16.07.26A1 was discovered to contain a buffer overflow via the host_ip parameter in the ipsec_road_asp function.
nvd
CVE-2024-52757MEDIUMCVSS 4.9v16.07.16a12024-11-20
CVE-2024-52757 [MEDIUM] CWE-787 CVE-2024-52757: D-LINK DI-8003 v16.07.16A1 was discovered to contain a buffer overflow via the notify parameter in t D-LINK DI-8003 v16.07.16A1 was discovered to contain a buffer overflow via the notify parameter in the arp_sys_asp function.
nvd
CVE-2024-52754MEDIUMCVSS 4.9v16.07.16a12024-11-20
CVE-2024-52754 [MEDIUM] CWE-787 CVE-2024-52754: D-LINK DI-8003 v16.07.16A1 was discovered to contain a buffer overflow via the fn parameter in the t D-LINK DI-8003 v16.07.16A1 was discovered to contain a buffer overflow via the fn parameter in the tgfile_htm function.
nvd
CVE-2024-52759CRITICALCVSS 9.8v16.07.16a12024-11-19
CVE-2024-52759 [CRITICAL] CWE-120 CVE-2024-52759: D-LINK DI-8003 v16.07.26A1 was discovered to contain a buffer overflow via the ip parameter in the i D-LINK DI-8003 v16.07.26A1 was discovered to contain a buffer overflow via the ip parameter in the ip_position_asp function.
nvd
CVE-2024-11048HIGHCVSS 8.7v16.07.16a12024-11-10
CVE-2024-11048 [HIGH] CWE-119 CVE-2024-11048: A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been rated as critical. Affected by t A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been rated as critical. Affected by this issue is the function dbsrv_asp of the file /dbsrv.asp. The manipulation of the argument str leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
nvd
CVE-2024-11047HIGHCVSS 8.7v16.07.16a12024-11-10
CVE-2024-11047 [HIGH] CWE-119 CVE-2024-11047: A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been declared as critical. Affected b A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been declared as critical. Affected by this vulnerability is the function upgrade_filter_asp of the file /upgrade_filter.asp. The manipulation of the argument path leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and ma
nvd
CVE-2024-11046MEDIUMCVSS 5.3v16.07.16a12024-11-10
CVE-2024-11046 [MEDIUM] CWE-77 CVE-2024-11046: A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been classified as critical. Affected A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been classified as critical. Affected is the function upgrade_filter_asp of the file /upgrade_filter.asp. The manipulation of the argument path leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
nvd
← Previous2 / 2