CVE-2025-6881

Name of the Vulnerable Software and Affected Versions: D-Link DI-8100 version 16.07.21

Description: A critical issue affects some unknown functionality of the file /pppoe base.asp of the component jhttpd. The manipulation of the mschap en argument leads to a buffer overflow. This issue can be exploited remotely. A public exploit has been disclosed.

Recommendations: For D-Link DI-8100 version 16.07.21, as a temporary workaround, consider restricting access to the /pppoe base.asp file until a patch is available. Avoid using the mschap en argument in the affected component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.