CVE-2025-45057

High

Published: 08 April 2026

Published

08 April 2026

Modified

10 April 2026

KEV Added

—

Patch

—

CVSS Score 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Score 0.0002 6.2th percentile

Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-45057 is a high-severity Classic Buffer Overflow (CWE-120) vulnerability in Dlink Di-8300 Firmware. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 6.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SI-10 (Information Input Validation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and 1 other technique. What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match

prevent

SI-10 requires validation of inputs like the 'ip' parameter to enforce bounds checking, directly preventing the buffer overflow exploitation in ip_position_asp.

SI-16 Memory Protection good match

prevent

SI-16 implements memory protections such as address space layout randomization and stack guards to mitigate buffer overflow attempts leading to memory corruption and DoS.

SC-5 Denial-of-service Protection good match

prevent

SC-5 provides denial-of-service protections like rate limiting to limit the impact of crafted inputs causing remote crashes on the network-accessible router.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

T1499.004 Application or System Exploitation Impact

Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.

attack.mitre.org →

Why these techniques?

Remote unauthenticated buffer overflow in public web interface (ip_position_asp) directly enables T1190; resulting memory corruption crashes the device, matching T1499.004 system exploitation for DoS.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

D-Link DI-8300 v16.07.26A1 was discovered to contain a buffer overflow via the ip parameter in the ip_position_asp function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Deeper analysisAI

CVE-2025-45057 is a buffer overflow vulnerability (CWE-120) affecting the D-Link DI-8300 router on firmware version 16.07.26A1. The flaw exists in the ip_position_asp function, where the ip parameter can be exploited through insufficient bounds checking on crafted input, potentially leading to memory corruption.

With a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), the vulnerability is network-accessible and requires low attack complexity, no privileges, and no user interaction. Unauthenticated attackers can remotely send specially crafted input to the affected function, triggering a denial of service (DoS) condition by crashing the device and disrupting its availability.

Advisories and further details are available via the provided references, including a GitHub IoT vulnerability collection at https://github.com/xiaotea/iot-vulnerability-collection/blob/main/README.md, D-Link's product support page for the DI-8300 at https://www.dlink.com.cn/techsupport/ProductInfo.aspx?m=DI-8300, and the D-Link security bulletin page at https://www.dlink.com/en/security-bulletin/.

Details

CWE(s): CWE-120

Affected Products

dlink

di-8300 firmware

16.07.26a1

CVEs Like This One

CVE-2025-45059Same product: Dlink Di-8300

CVE-2025-45058Same product: Dlink Di-8300

CVE-2025-50672Same vendor: Dlink

CVE-2025-50653Same vendor: Dlink

CVE-2025-50644Same vendor: Dlink

CVE-2025-50666Same vendor: Dlink

CVE-2025-50669Same vendor: Dlink

CVE-2025-50665Same vendor: Dlink

CVE-2025-50652Same vendor: Dlink

CVE-2025-50668Same vendor: Dlink

References

https://github.com/xiaotea/iot-vulnerability-collection/blob/main/README.md
Third Party Advisory · cve@mitre.org
https://www.dlink.com.cn/techsupport/ProductInfo.aspx?m=DI-8300
Product · cve@mitre.org
https://www.dlink.com/en/security-bulletin/
Vendor Advisory · cve@mitre.org