PatchSiren cyber security CVE debrief
CVE-2026-10270 D-Link CVE debrief
A stack-based buffer overflow vulnerability exists in the D-Link DI-7001 MINI router firmware up to version 19.09.19A1. The vulnerability is located in the `sprintf` function within the `/httpd_debug.asp` file, a component of the device's API. Manipulation of the `Time` argument can trigger the overflow condition. The attack vector is network-based and the exploit has been publicly disclosed, increasing the risk of active exploitation. The CVSS 4.0 vector indicates a high severity vulnerability with network attack vector, low attack complexity, no required privileges, and high impact on confidentiality, integrity, and availability. The weakness classifications are CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) and CWE-121 (Stack-based Buffer Overflow). The vendor attribution is based on reference domain analysis with low confidence and requires review; the affected product is identified as D-Link DI-7001 MINI.
- Vendor
- D-Link
- Product
- DI-7001 MINI
- CVSS
- HIGH 7.4
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-01
- Original CVE updated
- 2026-06-01
- Advisory published
- 2026-06-01
- Advisory updated
- 2026-06-01
Who should care
Organizations deploying D-Link DI-7001 MINI routers for network infrastructure; security teams managing edge router and gateway devices; incident response teams tracking public exploit availability for network equipment
Technical summary
The vulnerability exists in the `sprintf` function implementation within `/httpd_debug.asp` of the D-Link DI-7001 MINI firmware (versions up to 19.09.19A1). The `Time` parameter is not properly validated before being passed to `sprintf`, enabling a stack-based buffer overflow. This is a classic unsafe C function usage pattern (CWE-121) where insufficient bounds checking allows attacker-controlled input to exceed allocated stack buffer space. The network-accessible API endpoint permits remote exploitation without authentication requirements per the CVSS vector.
Defensive priority
HIGH
Recommended defensive actions
- Apply security patches from D-Link when available, prioritizing firmware updates for DI-7001 MINI devices running version 19.09.19A1 or earlier
- Restrict network access to the /httpd_debug.asp endpoint to trusted administrative hosts only
- Monitor for unauthorized access attempts targeting the API component, particularly requests manipulating Time parameters
- Consider network segmentation to isolate affected router management interfaces from untrusted networks
- Review and validate vendor attribution pending official D-Link security advisory confirmation
Evidence notes
Vulnerability data sourced from NVD modified feed with Vuldb as CNA. Public exploit references identified in GitHub repository. Vendor attribution marked as low confidence based on reference domain candidate analysis and flagged for review. CVSS 4.0 vector and CWE classifications provided by [email protected].
Official resources
Public exploit available; vulnerability disclosed in public repositories