ID
VAR-202604-1896
CVE
CVE-2025-52222
TITLE
D-Link Corporation of di-8003 Classic buffer overflow vulnerabilities in multiple products, including firmware
Trust: 0.8
DESCRIPTION
D-Link DI-8003 v16.07.26A1, DI-8500 v16.07.26A1; DI-8003G v17.12.21A1, DI-8200G v17.12.20A1, DI-8200 v16.07.26A1, DI-8400 v16.07.26A1, DI-8004w v16.07.26A1, DI-8100 v16.07.26A1, and DI-8100G v17.12.20A1 were discovered to contain a buffer overflow via the rd_en, rd_auth, rd_acct, http_hadmin, http_hadminpwd, rd_key, and rd_ip parameters in the radius_asp function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. DoS ) attacks.Information handled by the software will not be leaked to the outside. Information handled by the software will not be rewritten. In addition, the software may stop functioning completely. Furthermore, attacks that exploit this vulnerability will not affect other software
Trust: 1.62
AFFECTED PRODUCTS
| vendor: | dlink | model: | di-8003g | scope: | eq | version: | 17.12.21a1 | Trust: 1.0 |
| vendor: | dlink | model: | di-8003 | scope: | eq | version: | 16.07.26a1 | Trust: 1.0 |
| vendor: | dlink | model: | di-8200 | scope: | eq | version: | 16.07.26a1 | Trust: 1.0 |
| vendor: | dlink | model: | di-8200g | scope: | eq | version: | 17.12.20a1 | Trust: 1.0 |
| vendor: | dlink | model: | di-8100 | scope: | eq | version: | 16.07.26a1 | Trust: 1.0 |
| vendor: | dlink | model: | di-8004w | scope: | eq | version: | 16.07.26a1 | Trust: 1.0 |
| vendor: | dlink | model: | di-8500 | scope: | eq | version: | 16.07.26a1 | Trust: 1.0 |
| vendor: | dlink | model: | di-8400 | scope: | eq | version: | 16.07.26a1 | Trust: 1.0 |
| vendor: | dlink | model: | di-8100g | scope: | eq | version: | 17.12.20a1 | Trust: 1.0 |
| vendor: | d link | model: | di-8200 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | d link | model: | di-8100 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | d link | model: | di-8003 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | d link | model: | di-8400 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | d link | model: | di-8200g | scope: | - | version: | - | Trust: 0.8 |
| vendor: | d link | model: | di-8100g | scope: | - | version: | - | Trust: 0.8 |
| vendor: | d link | model: | di-8500 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | d link | model: | di-8004w | scope: | - | version: | - | Trust: 0.8 |
| vendor: | d link | model: | di-8003g | scope: | - | version: | - | Trust: 0.8 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-120 | Trust: 1.0 |
| problemtype: | Classic buffer overflow (CWE-120) [ others ] | Trust: 0.8 |
PATCH
| title: | Security Bulletin | D-Link GitHubGitHub | url: | https://www.dlink.com/en/security-bulletin/ | Trust: 0.8 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2025-52222 | Trust: 2.6 |
| db: | JVNDB | id: | JVNDB-2026-011046 | Trust: 0.8 |
REFERENCES
| url: | https://github.com/xiaotea/iot-vulnerability-collection/blob/main/readme.md | Trust: 1.0 |
| url: | https://www.dlink.com/en/security-bulletin/ | Trust: 1.0 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2025-52222 | Trust: 0.8 |
SOURCES
| db: | JVNDB | id: | JVNDB-2026-011046 |
| db: | NVD | id: | CVE-2025-52222 |
LAST UPDATE DATE
2026-04-18T00:10:50.066000+00:00
SOURCES UPDATE DATE
| db: | JVNDB | id: | JVNDB-2026-011046 | date: | 2026-04-16T01:36:00 |
| db: | NVD | id: | CVE-2025-52222 | date: | 2026-04-14T15:45:21.273 |
SOURCES RELEASE DATE
| db: | JVNDB | id: | JVNDB-2026-011046 | date: | 2026-04-16T00:00:00 |
| db: | NVD | id: | CVE-2025-52222 | date: | 2026-04-08T18:24:51.373 |