{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2025-50647", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-04-08T17:24:49.470Z", "dateReserved": "2025-06-16T00:00:00.000Z", "datePublished": "2026-04-08T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-08T17:24:49.470Z"}, "descriptions": [{"lang": "en", "value": "A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1, specifically in the handling of the wans parameter in the qos.asp endpoint."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://www.dlink.com/en/security-bulletin/"}, {"url": "https://github.com/xiaotea/iot-vulnerability-collection/blob/main/README.md"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}}, "dataVersion": "5.2"}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1, specifically in the handling of the wans parameter in the qos.asp endpoint."}], "id": "CVE-2025-50647", "lastModified": "2026-04-08T21:26:13.410", "metrics": {}, "published": "2026-04-08T19:24:15.460", "references": [{"source": "cve@mitre.org", "url": "https://github.com/xiaotea/iot-vulnerability-collection/blob/main/README.md"}, {"source": "cve@mitre.org", "url": "https://www.dlink.com/en/security-bulletin/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Awaiting Analysis"}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "16.07.26A1"}}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "di-8003", "vendor": "dlink"}], "analysis": {"en": {"generated_at": "2026-04-08T20:00:29.074466+00:00", "value": {"mitigation_remediation": ["Update the router firmware to the latest version released by D\u2011Link"], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "Only the D\u2011Link DI\u20118003 model running firmware version 16.07.26A1 is explicitly mentioned. No other firmware or model versions are listed in the advisory. Users with this exact build are affected.", "description_and_impact": "A buffer overflow occurs when the device processes the \"wans\" parameter in the qos.asp web interface. The vulnerability can corrupt the program\u2019s execution flow, allowing an attacker to inject and execute arbitrary code on the router. The weakness is a classic memory corruption flaw, and successful exploitation would give an attacker full control over the affected device, compromising confidentiality, integrity, and availability.", "risk_and_exploitability": "The CVSS score is not provided in the data, so the exact severity cannot be quantified, but a classic buffer overflow is generally high risk. No EPSS score is available, indicating uncertainty about exploitation likelihood, and the vulnerability is not listed in the CISA KEV catalog. The likely attack vector is the web interface, where a crafted HTTP request to qos.asp could trigger the overflow, but this is inferred from the description."}}}}, "created": "2026-04-08T20:02:24.585169+00:00", "title": "Buffer Overflow in D\u2011Link DI\u20118003 WANS Parameter Leading to Potential Remote Code Execution", "updated": "2026-04-08T20:13:01.106700+00:00", "vendors": ["dlink", "dlink$PRODUCT$di-8003"], "weaknesses": ["CWE-119"]}