CVE-2025-4883

Name of the Vulnerable Software and Affected Versions D-Link DI-8100 version 16.07.26A1

Description A critical vulnerability affects the function ctxz asp of the file /ctxz.asp in the Connection Limit Page component. The manipulation of the argument def/defTcp/defUdp/defIcmp/defOther leads to a stack-based buffer overflow. This issue can be exploited remotely.

Recommendations For D-Link DI-8100 version 16.07.26A1, as a temporary workaround, consider disabling the ctxz asp function until a patch is available. Restrict access to the /ctxz.asp file to minimize the risk of exploitation. Avoid using the def/defTcp/defUdp/defIcmp/defOther argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.