{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-3538", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2025-04-13T01:35:20.766Z", "datePublished": "2025-04-13T18:31:05.124Z", "dateUpdated": "2025-04-14T19:17:28.142Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-04-13T18:31:05.124Z"}, "title": "D-Link DI-8100 jhttpd auth.asp auth_asp stack-based overflow", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-121", "lang": "en", "description": "Stack-based Buffer Overflow"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-119", "lang": "en", "description": "Memory Corruption"}]}], "affected": [{"vendor": "D-Link", "product": "DI-8100", "versions": [{"version": "16.07.26A1", "status": "affected"}], "modules": ["jhttpd"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been rated as critical. This issue affects the function auth_asp of the file /auth.asp of the component jhttpd. The manipulation of the argument callback leads to stack-based buffer overflow. The attack needs to be approached within the local network. The exploit has been disclosed to the public and may be used."}, {"lang": "de", "value": "Eine Schwachstelle wurde in D-Link DI-8100 16.07.26A1 ausgemacht. Sie wurde als kritisch eingestuft. Dies betrifft die Funktion auth_asp der Datei /auth.asp der Komponente jhttpd. Durch das Beeinflussen des Arguments callback mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann im lokalen Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 8.7, "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "baseSeverity": "HIGH"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseSeverity": "HIGH"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseSeverity": "HIGH"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 8.3, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}], "timeline": [{"time": "2025-04-13T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2025-04-13T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2025-04-13T03:45:58.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "FizzL (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.304577", "name": "VDB-304577 | D-Link DI-8100 jhttpd auth.asp auth_asp stack-based overflow", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.304577", "name": "VDB-304577 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.524224", "name": "Submit #524224 | Linksys DI-8100 router 16.07.26A1 Remote command execution", "tags": ["third-party-advisory"]}, {"url": "https://github.com/Fizz-L/CVE1/blob/main/DI-8100Command%20execution2.md", "tags": ["exploit"]}, {"url": "https://www.dlink.com/", "tags": ["product"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-14T19:17:04.335750Z", "id": "CVE-2025-3538", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-14T19:17:28.142Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-3538", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-04-14T19:17:04.335750Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-14T19:17:15.442Z"}}], "cna": {"title": "D-Link DI-8100 jhttpd auth.asp auth_asp stack-based overflow", "credits": [{"lang": "en", "type": "reporter", "value": "FizzL (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 8.7, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 8.3, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}], "affected": [{"vendor": "D-Link", "modules": ["jhttpd"], "product": "DI-8100", "versions": [{"status": "affected", "version": "16.07.26A1"}]}], "timeline": [{"lang": "en", "time": "2025-04-13T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2025-04-13T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2025-04-13T03:45:58.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.304577", "name": "VDB-304577 | D-Link DI-8100 jhttpd auth.asp auth_asp stack-based overflow", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.304577", "name": "VDB-304577 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.524224", "name": "Submit #524224 | Linksys DI-8100 router 16.07.26A1 Remote command execution", "tags": ["third-party-advisory"]}, {"url": "https://github.com/Fizz-L/CVE1/blob/main/DI-8100Command%20execution2.md", "tags": ["exploit"]}, {"url": "https://www.dlink.com/", "tags": ["product"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been rated as critical. This issue affects the function auth_asp of the file /auth.asp of the component jhttpd. The manipulation of the argument callback leads to stack-based buffer overflow. The attack needs to be approached within the local network. The exploit has been disclosed to the public and may be used."}, {"lang": "de", "value": "Eine Schwachstelle wurde in D-Link DI-8100 16.07.26A1 ausgemacht. Sie wurde als kritisch eingestuft. Dies betrifft die Funktion auth_asp der Datei /auth.asp der Komponente jhttpd. Durch das Beeinflussen des Arguments callback mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann im lokalen Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-121", "description": "Stack-based Buffer Overflow"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-119", "description": "Memory Corruption"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-04-13T18:31:05.124Z"}}}, "cveMetadata": {"cveId": "CVE-2025-3538", "state": "PUBLISHED", "dateUpdated": "2025-04-14T19:17:28.142Z", "dateReserved": "2025-04-13T01:35:20.766Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2025-04-13T18:31:05.124Z", "assignerShortName": "VulDB"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:di-8100_firmware:16.07.26a1:*:*:*:*:*:*:*", "matchCriteriaId": "4FA39417-3894-4D6D-A899-000F56AA482B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:di-8100:-:*:*:*:*:*:*:*", "matchCriteriaId": "8D417784-56F2-40AF-8FE8-C00E6F332131", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been rated as critical. This issue affects the function auth_asp of the file /auth.asp of the component jhttpd. The manipulation of the argument callback leads to stack-based buffer overflow. The attack needs to be approached within the local network. The exploit has been disclosed to the public and may be used."}, {"lang": "es", "value": "Se encontr\u00f3 una vulnerabilidad en D-Link DI-8100 16.07.26A1. Se ha clasificado como cr\u00edtica. Este problema afecta a la funci\u00f3n auth_asp del archivo /auth.asp del componente jhttpd. La manipulaci\u00f3n de la devoluci\u00f3n de llamada del argumento provoca un desbordamiento del b\u00fafer basado en la pila. El ataque debe abordarse dentro de la red local. Se ha hecho p\u00fablico el exploit y puede que sea utilizado."}], "id": "CVE-2025-3538", "lastModified": "2025-07-16T15:36:41.363", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 8.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 6.5, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "[email protected]", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "ADJACENT", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "[email protected]", "type": "Secondary"}]}, "published": "2025-04-13T19:15:14.627", "references": [{"source": "[email protected]", "tags": ["Exploit", "VDB Entry", "Third Party Advisory"], "url": "https://github.com/Fizz-L/CVE1/blob/main/DI-8100Command%20execution2.md"}, {"source": "[email protected]", "tags": ["Permissions Required", "VDB Entry"], "url": "https://vuldb.com/?ctiid.304577"}, {"source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?id.304577"}, {"source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?submit.524224"}, {"source": "[email protected]", "tags": ["Product"], "url": "https://www.dlink.com/"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}, {"lang": "en", "value": "CWE-121"}], "source": "[email protected]", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "[email protected]", "type": "Primary"}]}

{}