{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2025-50648", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-04-08T17:25:26.412Z", "dateReserved": "2025-06-16T00:00:00.000Z", "datePublished": "2026-04-08T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-08T17:25:26.412Z"}, "descriptions": [{"lang": "en", "value": "A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to inadequate input validation in the /tggl.asp endpoint."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://www.dlink.com/en/security-bulletin/"}, {"url": "https://github.com/xiaotea/iot-vulnerability-collection/blob/main/README.md"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}}, "dataVersion": "5.2"}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to inadequate input validation in the /tggl.asp endpoint."}], "id": "CVE-2025-50648", "lastModified": "2026-04-08T21:26:13.410", "metrics": {}, "published": "2026-04-08T19:24:15.570", "references": [{"source": "cve@mitre.org", "url": "https://github.com/xiaotea/iot-vulnerability-collection/blob/main/README.md"}, {"source": "cve@mitre.org", "url": "https://www.dlink.com/en/security-bulletin/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Awaiting Analysis"}

{}

{"analysis": {"en": {"generated_at": "2026-04-08T20:00:11.389700+00:00", "value": {"mitigation_remediation": ["Check D\u2011Link\u2019s website for a firmware update that addresses this issue and apply the newest stable firmware to the DI\u20118003.", "If an update is unavailable or cannot be applied immediately, restrict external access to the router\u2019s web management interface, preferably via a firewall or by disabling the /tggl.asp endpoint if possible.", "Continuously monitor network traffic for abnormal HTTP requests to /tggl.asp and review system logs for signs of exploitation attempts."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution via Buffer Overflow"}, "threat_synthesis": {"affected_systems": "The affected product is the D\u2011Link DI\u20118003 router running firmware version 16.07.26A1. No other vendors or product variations are listed as impacted within the available data.", "description_and_impact": "A buffer overflow vulnerability exists in the /tggl.asp endpoint of the D\u2011Link DI\u20118003 router due to inadequate input validation. Malicious data sent to this endpoint can overwrite memory and potentially allow an attacker to execute arbitrary code on the device. Such an attack would compromise confidentiality, integrity, and availability of the network equipment and could be leveraged to pivot to other systems within the local network.", "risk_and_exploitability": "The CVSS score is not provided, but buffer overflow vulnerabilities are generally considered high\u2011severity. There is no EPSS score and the vulnerability is not listed in the CISA KEV catalog, indicating that widespread exploitation has not been documented. The likely attack vector is over the network through a crafted HTTP request to /tggl.asp, but the exact exploitation details are not supplied."}}}}, "created": "2026-04-08T20:02:23.509740+00:00", "title": "Buffer Overflow in D-Link DI\u20118003 /tggl.asp Endpoint", "updated": "2026-04-08T20:02:23.509802+00:00", "vendors": [], "weaknesses": ["CWE-120"]}