A vulnerability was found in D-Link DI-8100 up to 20250523. It has been classified as critical. Affected is the function
httpd_get_parm
of the file /login.cgi of the component jhttpd. The manipulation of the argument notify leads to stack-based buffer overflow.
This vulnerability is traded as CVE-2025-5228. The attack can only be initiated within the local network. Furthermore, there is an exploit available.