{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2025-50659", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-04-08T17:33:21.270Z", "dateReserved": "2025-06-16T00:00:00.000Z", "datePublished": "2026-04-08T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-08T17:33:21.270Z"}, "descriptions": [{"lang": "en", "value": "A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the custom_error parameter in the /user.asp endpoint."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://www.dlink.com/en/security-bulletin/"}, {"url": "https://github.com/xiaotea/iot-vulnerability-collection/blob/main/README.md"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}}, "dataVersion": "5.2"}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the custom_error parameter in the /user.asp endpoint."}], "id": "CVE-2025-50659", "lastModified": "2026-04-08T21:26:13.410", "metrics": {}, "published": "2026-04-08T19:24:16.470", "references": [{"source": "cve@mitre.org", "url": "https://github.com/xiaotea/iot-vulnerability-collection/blob/main/README.md"}, {"source": "cve@mitre.org", "url": "https://www.dlink.com/en/security-bulletin/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Awaiting Analysis"}

{}

{"analysis": {"en": {"generated_at": "2026-04-08T19:57:50.085290+00:00", "value": {"mitigation_remediation": ["Update the device firmware to a version that addresses this issue if one is available from D\u2011Link.", "If a new firmware is not available, restrict access to the device\u2019s web interface by placing it behind a firewall and allowing only trusted IP addresses.", "Consider disabling the custom_error parameter or the /user.asp endpoint through the router\u2019s configuration if possible.", "Back up the device\u2019s configuration before applying changes or updates."], "summary": {"action": "Patch ASAP", "impact": "Potential remote code execution"}, "threat_synthesis": {"affected_systems": "The vulnerability affects D\u2011Link DI\u20118003 devices with firmware 16.07.26A1. No other affected product or version information is available. The impact applies to any device running that specific firmware build.", "description_and_impact": "A buffer overflow arises from the way the custom_error parameter is processed in the /user.asp endpoint of the device, allowing an attacker to corrupt memory on the router. The overflow can lead to arbitrary code execution or a crash of the web services. The description does not detail the full scope, but the severity is implied by the nature of a buffer overflow. The likely attack vector is through the publicly reachable web interface, which is inferred from the presence of the /user.asp endpoint.", "risk_and_exploitability": "The CVSS score is not supplied, and the EPSS value is missing, so the precise severity is uncertain; however, a buffer overflow is typically considered high risk. No KEV listing suggests it has not been widely exploited yet, but the potential for remote exploitation remains. Likely exploitation would require network access to the device's management web interface, and would grant the attacker control over the device or cause a denial of service."}}}}, "created": "2026-04-08T20:02:17.875375+00:00", "title": "Buffer Overflow in Custom Error Parameter Handling of D-Link DI-8003 /user.asp Endpoint", "updated": "2026-04-08T20:02:17.875402+00:00", "vendors": [], "weaknesses": ["CWE-120"]}