Details of VAR-202604-1754

ID

VAR-202604-1754

CVE

CVE-2025-45058

TITLE

D-Link Corporation of di-8300 Classic buffer overflow vulnerability in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2026-010677

DESCRIPTION

D-Link DI-8300 v16.07.26A1 was discovered to contain a buffer overflow via the fx parameter in the jingx_asp function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. DoS ) may cause attacks.Information handled by the software will not be leaked to the outside. Information handled by the software will not be rewritten. In addition, the software may stop functioning completely. Furthermore, attacks that exploit this vulnerability will not affect other software

Trust: 1.62

sources: NVD: CVE-2025-45058 // JVNDB: JVNDB-2026-010677

AFFECTED PRODUCTS

vendor:	dlink	model:	di-8300	scope:	eq	version:	16.07.26a1	Trust: 1.0
vendor:	d link	model:	di-8300	scope:	-	version:	-	Trust: 0.8
vendor:	d link	model:	di-8300	scope:	eq	version:	-	Trust: 0.8
vendor:	d link	model:	di-8300	scope:	eq	version:	di-8300 firmware 16.07.26a1	Trust: 0.8

sources: JVNDB: JVNDB-2026-010677 // NVD: CVE-2025-45058

CVSS

SEVERITY

CVSSV2

CVSSV3

134c704f-9b21-4f2e-91b3-4a467353bcc0:	CVE-2025-45058
value:	HIGH
Trust: 1.0
OTHER:	JVNDB-2026-010677
value:	HIGH
Trust: 0.8

134c704f-9b21-4f2e-91b3-4a467353bcc0:	CVE-2025-45058
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
OTHER:	JVNDB-2026-010677
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2026-010677 // NVD: CVE-2025-45058

PROBLEMTYPE DATA

problemtype:	CWE-120	Trust: 1.0
problemtype:	Classic buffer overflow (CWE-120) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2026-010677 // NVD: CVE-2025-45058

PATCH

title:

Security Bulletin | D-Link GitHubGitHub

url:

https://www.dlink.com/en/security-bulletin/

Trust: 0.8

sources: JVNDB: JVNDB-2026-010677

EXTERNAL IDS

db:	NVD	id:	CVE-2025-45058	Trust: 2.6
db:	JVNDB	id:	JVNDB-2026-010677	Trust: 0.8

sources: JVNDB: JVNDB-2026-010677 // NVD: CVE-2025-45058

REFERENCES

url:	https://www.dlink.com.cn/techsupport/productinfo.aspx?m=di-8300	Trust: 1.8
url:	https://www.dlink.com/en/security-bulletin/	Trust: 1.0
url:	https://github.com/xiaotea/iot-vulnerability-collection/blob/main/readme.md	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2025-45058	Trust: 0.8

sources: JVNDB: JVNDB-2026-010677 // NVD: CVE-2025-45058

SOURCES

db:	JVNDB	id:	JVNDB-2026-010677
db:	NVD	id:	CVE-2025-45058

LAST UPDATE DATE

2026-04-16T22:04:52.986000+00:00

SOURCES UPDATE DATE

db:	JVNDB	id:	JVNDB-2026-010677	date:	2026-04-13T02:14:00
db:	NVD	id:	CVE-2025-45058	date:	2026-04-10T21:15:34.363

SOURCES RELEASE DATE

db:	JVNDB	id:	JVNDB-2026-010677	date:	2026-04-13T00:00:00
db:	NVD	id:	CVE-2025-45058	date:	2026-04-08T18:24:45.723