D-Link Di 8100 Firmware
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in D-Link Di 8100 Firmware.
By the Year
In 2026 there have been 0 vulnerabilities in D-Link Di 8100 Firmware. Last year, in 2025 Di 8100 Firmware had 13 security vulnerabilities published. Right now, Di 8100 Firmware is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 13 | 7.96 |
| 2024 | 4 | 8.70 |
It may take a day or so for new Di 8100 Firmware vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent D-Link Di 8100 Firmware Security Vulnerabilities
D-Link DI-8100 1.0: Remote Stack Buffer Overflow via jhttpd sprintf in /upnp_ctrl.asp
CVE-2025-7911
9.8 - Critical
- July 20, 2025
A vulnerability classified as critical was found in D-Link DI-8100 1.0. This vulnerability affects the function sprintf of the file /upnp_ctrl.asp of the component jhttpd. The manipulation of the argument remove_ext_proto/remove_ext_port leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Buffer Overflow
Critical Stack Overflow in D-Link DI-8100 1.0 jhttpd sprintf Remote
CVE-2025-7908
8.8 - High
- July 20, 2025
A vulnerability was found in D-Link DI-8100 1.0. It has been declared as critical. Affected by this vulnerability is the function sprintf of the file /ddns.asp?opt=add of the component jhttpd. The manipulation of the argument mx leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Buffer Overflow
D-Link DI-8100 16.07.26A1: Remote Stack-Based BOF via HTTP Request Handler
CVE-2025-7790
6.5 - Medium
- July 18, 2025
A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been classified as critical. This affects an unknown part of the file /menu_nat.asp of the component HTTP Request Handler. The manipulation of the argument out_addr/in_addr/out_port/proto leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Buffer Overflow
D-Link DI-8100 16.07.26A1 Remote Stack-Based Buffer Overflow
CVE-2025-7762
6.5 - Medium
- July 17, 2025
A vulnerability, which was classified as critical, has been found in D-Link DI-8100 16.07.26A1. This issue affects some unknown processing of the file /menu_nat_more.asp of the component HTTP Request Handler. The manipulation leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Buffer Overflow
Critical Stack Overflow in D-Link DI-8100 16.07.26A1 HTTP Handler
CVE-2025-7603
7.2 - High
- July 14, 2025
A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been classified as critical. Affected is an unknown function of the file /jingx.asp of the component HTTP Request Handler. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Buffer Overflow
D-Link DI-8100 16.07.26A1 HTTP Req Hand SB-Buffer Overflow
CVE-2025-7602
7.2 - High
- July 14, 2025
A vulnerability was found in D-Link DI-8100 16.07.26A1 and classified as critical. This issue affects some unknown processing of the file /arp_sys.asp of the component HTTP Request Handler. The manipulation leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Buffer Overflow
D-Link DI-8100 16.07.21 Remote Buffer Overflow in jhttpd
CVE-2025-6881
8.8 - High
- June 30, 2025
A vulnerability was found in D-Link DI-8100 16.07.21. It has been rated as critical. Affected by this issue is some unknown functionality of the file /pppoe_base.asp of the component jhttpd. The manipulation of the argument mschap_en leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Buffer Overflow
D-Link DI-8100 jhttpd Stack Buffer Overflow via notify param
CVE-2025-5228
8.8 - High
- May 27, 2025
A vulnerability was found in D-Link DI-8100 up to 20250523. It has been classified as critical. Affected is the function httpd_get_parm of the file /login.cgi of the component jhttpd. The manipulation of the argument notify leads to stack-based buffer overflow. The attack can only be initiated within the local network. The exploit has been disclosed to the public and may be used.
Buffer Overflow
D-Link DI-8100 16.07.26A1 Admin Auth Bypass (cve-2025-44083)
CVE-2025-44083
- May 21, 2025
An issue in D-Link DI-8100 16.07.26A1 allows a remote attacker to bypass administrator login authentication
DI-8100 <=16.07.26A1 Stack Overflow via jhttpd DEF_MAX Attack
CVE-2025-4544
7.2 - High
- May 11, 2025
A vulnerability was found in D-Link DI-8100 up to 16.07.26A1 and classified as critical. This issue affects some unknown processing of the file /ddos.asp of the component jhttpd. The manipulation of the argument def_max/def_time/def_tcp_max/def_tcp_time/def_udp_max/def_udp_time/def_icmp_max leads to stack-based buffer overflow. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult.
Memory Corruption
D-Link DI-8100 16.07.26A1 auth_asp Stack Buffer Overflow via callback
CVE-2025-3538
8.8 - High
- April 13, 2025
A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been rated as critical. This issue affects the function auth_asp of the file /auth.asp of the component jhttpd. The manipulation of the argument callback leads to stack-based buffer overflow. The attack needs to be approached within the local network. The exploit has been disclosed to the public and may be used.
Memory Corruption
D-LINK DI-8100 16.07.26A1 Buffer Overflow in ipsec_road_asp via host_ip
CVE-2025-28395
- April 01, 2025
D-LINK DI-8100 16.07.26A1 is vulnerable to Buffer Overflow in the ipsec_road_asp function via the host_ip parameter.
D-Links DI-8100 16.07.26A1 – buf overflow in ipsec_net_asp via remot_ip
CVE-2025-28398
- April 01, 2025
D-LINK DI-8100 16.07.26A1 is vulnerable to Buffer Overflow in the ipsec_net_asp function via the remot_ip parameter.
DI-8100 Buffer Overflow Vulnerability in ip_position_asp Function
CVE-2024-52711
- November 19, 2024
DI-8100 v16.07.26A1 is vulnerable to Buffer Overflow In the ip_position_asp function via the ip parameter.
D-Link DI-8100 v16.07.26A1 Stack Overflow in dbsrv_asp
CVE-2024-44375
7.5 - High
- September 09, 2024
D-Link DI-8100 v16.07.26A1 has a stack overflow vulnerability in the dbsrv_asp function.
Memory Corruption
D-Link DI-8100 16.07 Remote Command Injection via upgrade_filter.asp
CVE-2024-7833
9.8 - Critical
- August 15, 2024
A vulnerability was found in D-Link DI-8100 16.07. It has been classified as critical. This affects the function upgrade_filter_asp of the file upgrade_filter.asp. The manipulation of the argument path leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Command Injection
D-Link DI-8100 16.07: Command Injection via msp_info.htm cmd
CVE-2024-7436
8.8 - High
- August 03, 2024
A vulnerability, which was classified as critical, has been found in D-Link DI-8100 16.07. This issue affects the function msp_info_htm of the file msp_info.htm. The manipulation of the argument cmd leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273521 was assigned to this vulnerability.
Command Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for D-Link Di 8100 Firmware or by D-Link? Click the Watch button to subscribe.
