CVE-2026-10270— D-Link DI-7001 MINI API httpd_debug.asp sprintf stack-based overflow
Possible ATT&CK Techniques 2AI
T1190 · Exploit Public-Facing Application T1203 · Exploitation for Client ExecutionAffected Version Matrix 1
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| D-Link | DI-7001 MINI | 19.09.19A1 | affected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-10270
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
D-Link DI-7001 MINI API httpd_debug.asp sprintf stack-based overflow
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability was detected in D-Link DI-7001 MINI up to 19.09.19A1. Impacted is the function sprintf of the file /httpd_debug.asp of the component API. The manipulation of the argument Time results in stack-based buffer overflow. The attack may be performed from remote. The exploit is now public and may be used.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
栈缓冲区溢出
Source: NVD (National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| D-Link | DI-7001 MINI | 19.09.19A1 | cpe:2.3:h:d-link:di-7001_mini:*:*:*:*:*:*:*:* |
II. Public POCs for CVE-2026-10270
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-10270
请登录查看更多情报信息。
Proof of Concept for CVE-2026-10270 (2)
Vendor Pages for CVE-2026-10270 (1)
IV. Related Vulnerabilities
Same vendor: D-Link
- CVE-2026-10206
D-Link DI-8400 dbsrv.asp stack-based overflow - CVE-2018-25358
D-Link DIR601 2.02NA Credential Disclosure via my_cgi.cgi - CVE-2026-8346
D-Link DIR-816 portForward command injection - CVE-2026-8345
D-Link DIR-816 singlePortForward sub_445E7C command injectio - CVE-2026-8344
D-Link DIR-816 formDMZ.cgi sub_445E7C command injection
Same weakness: CWE-121
- CVE-2026-10528
Orthanc DICOM Server DCMTK FromDcmtkBridge.cpp read stack-ba - CVE-2026-24085
Stack-based Buffer Overflow in Display - CVE-2025-59613
Stack-based Buffer Overflow in Windows Compute - CVE-2025-59612
Stack-based Buffer Overflow in Windows Compute - CVE-2026-10293
UTT HiPER 1200GW formFireWall strcpy stack-based overflow
V. Comments for CVE-2026-10270
No comments yet