Rewterz

Multiple SAP Products Vulnerabilities

April 14, 2025
Rewterz

Multiple Microsoft Windows Products Vulnerabilities

April 14, 2025

CVE-2025-3538 – D-Link DI-8100 Firmware Vulnerability

Severity

High

Analysis Summary

CVE-2025-3538

A critical vulnerability exists in the D-Link DI-8100 firmware version 16.07.26A1. The vulnerability is located in the /auth.asp file within the jhttpd component, specifically in the auth_asp function. An attacker can trigger a stack-based buffer overflow by manipulating the callback argument. The attack requires the attacker to be within the local network. The vulnerability has been publicly disclosed, and an exploit is potentially available for malicious use.

Impact

  • Buffer Overflow

Indicators of Compromise

CVE

  • CVE-2025-3538

Affected Vendors

  • D-Link

Affected Products

  • D-Link DI-8100 firmware - 16.07.26A1

Remediation

Refer to D-Link Website for patch, upgrade, or suggested workaround information.

D-Link Website

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.