CVE-2026-7853 — AI Deep Analysis Summary

🚨 **Essence**: A critical **Buffer Overflow** in the HTTP handler. 📉 **Consequences**: Remote attackers can crash the device or execute arbitrary code, leading to total system compromise.

🛡️ **Root Cause**: **CWE-120** (Buffer Copy without Checking Size of Input). The `sprintf` function in `/auto_reboot.asp` fails to validate the length of the `enable/time` parameters before writing to memory.

📦 **Affected**: **D-Link DI-8100** Router. 📅 **Version**: Specifically **16.07.26A1**. ⚙️ **Component**: The HTTP Handler processing the auto-reboot feature.

👑 **Privileges**: Attackers gain **Remote Code Execution (RCE)**. 📊 **Impact**: High Confidentiality, Integrity, and Availability loss.…

🔓 **Threshold**: **LOW**. 🌐 **Access**: No authentication required (`PR:N`). 🖱️ **Interaction**: No user interaction needed (`UI:N`). Attackers can exploit this purely over the network.

💥 **Exploit Status**: **YES**. Public Proof-of-Concept (PoC) code is available on GitHub. 🚀 **Risk**: Wild exploitation is highly likely since the barrier to entry is minimal.

🔍 **Self-Check**: Scan for the specific endpoint `/auto_reboot.asp`. 📡 **Indicator**: Look for abnormal responses or crashes when sending oversized payloads to the `enable` or `time` parameters via HTTP requests.

🩹 **Official Fix**: The data indicates a **Denial of Service** report and technical description, but does not explicitly confirm a vendor patch release date.…

🛑 **Workaround**: If no patch exists, **disable remote management** on the router. 🚫 **Block**: Restrict access to the web interface to trusted internal IPs only to prevent remote exploitation.

🔥 **Urgency**: **CRITICAL**. 🚨 **Priority**: Patch immediately. With CVSS **9.8** (High), no auth required, and public exploits, this is an active threat requiring instant attention.