CVE-2025-50669

Published Apr 8, 2026

Last updated 2 months ago

CVSS high 7.5

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-50669 describes a buffer overflow vulnerability found in certain D-Link router models, specifically the DI-8003 (firmware version 16.07.26A1) and DI-8003G (firmware version 19.12.10A1). This flaw stems from the improper handling of the `wan_ping` parameter within the `/wan_ping.asp` endpoint. Exploitation of this vulnerability could allow an attacker to send specially crafted requests with an oversized `wan_ping` parameter, potentially leading to memory corruption. This could enable remote code execution or denial of service attacks on the affected D-Link devices. A patch has been made available to address this issue.

Description
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 and DI-8003G 19.12.10A1 due to improper handling of the wan_ping parameter in the /wan_ping.asp endpoint.
Source
cve@mitre.org
NVD status
Analyzed
Products
di-8003_firmware

Risk scores

CVSS 3.1

Type
Secondary
Base score
7.5
Impact score
3.6
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity
HIGH

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-120

Social media

Hype score
Not currently trending

  1. CVE-2025-50669 A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 and DI-8003G 19.12.10A1 due to improper handling of the wan_ping parameter in the /wan_ping.asp en… https://t.co/gkBTzwJtGW

    @Vi9sion

    13 Apr 2026

    104 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. 🚨*CVE* CVE-2025-50669 A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 and DI-8003G 19.12.10A1 due to improper handling of the wan_ping parameter in the /wan_ping.asp en… https://t.co/NCqXVnqWlJ ----- Traducción: CVE-2025-50669 Exi… https://t.co/utmtNg

    @infoflowcloud

    13 Apr 2026

    126 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. CVE-2025-50669 A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 and DI-8003G 19.12.10A1 due to improper handling of the wan_ping parameter in the /wan_ping.asp en… https://t.co/mu8PkaYW9L

    @CVEnew

    13 Apr 2026

    670 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. We have just added an important vulnerability affecting D-Link DI-8003 and DI-8003G (CVE-2025-50669) https://t.co/48k9kNeXHZ

    @vuldb

    8 Apr 2026

    198 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

Related CVEs

  1. A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the http_lanport parameter in the /webgl.asp endpoint.CVE-2025-50673
  2. A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /yyxz_dlink.asp endpoint.CVE-2025-50672
  3. A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /xwgl_ref.asp endpoint. An attacker can exploit this vulnerability by sending a crafted HTTP GET request with excessively long strings in parameters name, en, user_id, shibie_name, time, act, log, and rpri.CVE-2025-50671
  4. A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /xwgl_bwr.asp endpoint. An attacker can exploit this vulnerability by sending a crafted HTTP GET request in the name, qq, and time parameters.CVE-2025-50670
  5. A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the iface parameter in the /wan_line_detection.asp endpoint.CVE-2025-50667

References

Sources include official advisories and independent security research.