CVE-2025-45059

EPSS 0.02%
Veröffentlicht 08.04.2026 00:00:00
Zuletzt bearbeitet 10.04.2026 21:15:23
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

D-Link DI-8300 v16.07.26A1 was discovered to contain a buffer overflow via the fn parameter in the tgfile_htm function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 6

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Dlink ≫ Di-8300 Firmware Version16.07.26a1

Dlink ≫ Di-8300 Version-

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.063

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

https://www.dlink.com/en/security-bulletin/

Vendor Advisory

https://www.dlink.com.cn/techsupport/ProductInfo.aspx?m=DI-8300

Product

https://github.com/xiaotea/iot-vulnerability-collection/blob/main/README.md

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-45059

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-45059

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-45059

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-45059