A critical buffer overflow vulnerability in D-Link DI-8100 routers poses a severe risk of remote code execution and full device compromise.

The vulnerability exists within the url_rule_asp function of the /url_rule.asp component. An unauthenticated remote attacker can trigger a buffer overflow by sending a maliciously crafted POST request to the device.

With a CVSS score of 9.8, this vulnerability represents a critical threat to organizational infrastructure. Successful exploitation grants an attacker full control over the affected gateway, potentially enabling lateral movement, traffic interception, and the complete compromise of internal network security.

Immediate Action: Update the firmware of the D-Link DI-8100 device to the latest version provided by the manufacturer.

Proactive Monitoring: Inspect network traffic for anomalous POST requests directed at the /url_rule.asp path and review device logs for signs of unauthorized configuration changes.

Compensating Controls: Implement a Web Application Firewall (WAF) or ingress filtering to block malicious POST payloads targeting the vulnerable URL until firmware can be applied.

Public Exploit Available: true

This vulnerability is critical and poses an immediate threat to the perimeter of any network utilizing the affected D-Link hardware. Administrators must prioritize the application of the vendor-supplied security update to neutralize the risk of remote code execution.