CVE-2026-7247

Sažetak

A vulnerability has been found in D-Link DI-8100 16.07.26A1. Affected by this issue is the function file_exten_asp of the file file_exten.asp of the component File Extension Handler. The manipulation of the argument Name leads to buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.

Reference

https://github.com/draw-ctf/report/blob/main/DI-8100/file_exten_asp_overflow.md
https://vuldb.com/submit/802868
https://vuldb.com/vuln/359856
https://vuldb.com/vuln/359856/cti
https://www.dlink.com/

CVSS

Base:	8.3
Impact:	10.0
Exploitability:	6.4

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	MULTIPLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:M/C:C/I:C/A:C

Zadnje važnije ažuriranje

30-04-2026 - 13:09

Objavljeno

28-04-2026 - 09:16