CVE-2026-2155
7.2 HIGH · Published 2026-02-08 · Modified 2026-02-09 · Awaiting Analysis
Quick Summary
A vulnerability in certain D-Link routers allows remote attackers to inject and execute operating system commands by manipulating specific configuration parameters. This is a serious flaw because it can give an attacker full control over the device.
Who is affected
Users of the D-Link DIR-823X router with firmware version 250416 are affected. An attacker could exploit this to take over the router, steal data, or launch further attacks on the local network.
Recommended fix
Immediately check the D-Link support website for a firmware update that addresses this specific CVE and apply it. If no patch is available, consider disabling remote administration and restricting access to the router's web interface.
Technical Description
A security flaw has been discovered in D-Link DIR-823X firmware 250416. The affected element is the function sub_4208A0 of the file /goform/set_dmz in the Configuration Handler component. Manipulating the argument dmz_host/dmz_enable results in OS command injection. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks.
CVSS Details
Attack Vector: NETWORK
Complexity: LOW
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-78, CWE-77