CVE-2026-2084
7.2 HIGH
Published 2026-02-07 · Modified 2026-02-09 · Undergoing Analysis
Quick Summary
A vulnerability in certain D-Link routers allows attackers to run malicious commands on the device by sending a specially crafted network request. This is a serious issue because it can be exploited remotely and a public exploit exists.
Who is affected
Users of the D-Link DIR-823X router with firmware version 250416 are affected. An attacker could take full control of the router, steal data, or use it to attack other devices on the network.
Recommended fix
Immediately check the D-Link support website for a firmware update that addresses this command injection flaw. If no patch is available, consider disabling remote administration and restricting access to the router's web interface.
Technical Description
A weakness has been identified in D-Link DIR-823X 250416. It affects an unknown function of the file /goform/set_language. Manipulating the argument langSelection can lead to OS command injection. The attack can be launched remotely. An exploit has been made available to the public and could be used for attacks.
CVSS Details
Attack Vector: NETWORK
Complexity: LOW
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-78, CWE-77