CVE-2025-51281

HIGH EPSS 33.4%

Published Aug 25, 202510mo ago · Modified Jun 17, 20261w ago

7.0 CVSS 3.1

High

Published Aug 25, 2025 10mo ago

Last Modified Jun 17, 2026 1w ago

Description

D-Link DI-8100 16.07.26A1 is vulnerable to Buffer Overflow via the en`, `val and id parameters in the qj_asp function. This vulnerability allows authenticated attackers to cause a Denial of Service (DoS) by sending crafted GET requests with overly long values for these parameters.

CVSS Details

Base Score

7.0

Exploitability

2.2

Impact

4.7

Vector string

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L

Attack Vector Network

Attack Complexity High

Privileges Required None

User Interaction None

Scope Unchanged

Confidentiality High

Integrity Low

Availability Low

Threat Intelligence

EPSS Exploit Probability

33.4% percentile

Exploit & Patch Status

Public Exploit Known

No Patch Available

Weaknesses 1

CWE-120

Affected Products 2

Vendor	Product	Version	Range
dlink	di-8100_firmware	16.07.26a1	any
dlink	di-8100	*	any

References 2

github.com https://github.com/BinaryHK/CVE/blob/main/CVE-2025-51281/CVE-2025-51281.md

ExploitThird Party Advisory
dlink.com https://www.dlink.com/en/security-bulletin/

Product

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.