CVE-2026-2157
7.2 HIGH · Published 2026-02-08 · Modified 2026-02-09 · Awaiting Analysis
Quick Summary
A vulnerability in a specific D-Link router model allows attackers to inject malicious commands over the network. This is a serious issue because it can give attackers full control of the device.
Who is affected
Users of the D-Link DIR-823X router with firmware version 250416 are affected. A remote attacker could execute arbitrary commands on the device, potentially stealing data or joining it to a botnet.
Recommended fix
Immediately check the D-Link support website for a firmware update and apply it. If no patch is available, consider disabling remote administration and restricting access to the router's web interface.
Technical Description
A security vulnerability has been detected in D-Link DIR-823X 250416. It affects the function sub_4175CC of the file /goform/set_static_route_table. Manipulating the arguments interface, destip, netmask, gateway or metric leads to OS command injection. The attack can be performed remotely. The exploit has been disclosed publicly and may be used.
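As an added illustration (not D-Link's code and not part of the advisory), this is an allow-list check for the five parameters named above, to be applied before any value reaches a system command. The function names, the metric bound and the interface-name rule are assumptions, and `main` runs one constructed sample.

```c
#include <arpa/inet.h>
#include <ctype.h>
#include <stdint.h>
#include <string.h>

/* Strict dotted-quad IPv4; inet_pton() rejects any trailing or extra characters. */
static int parse_ipv4(const char *s, uint32_t *out) {
    struct in_addr a;
    if (s == NULL || inet_pton(AF_INET, s, &a) != 1) return 0;
    *out = ntohl(a.s_addr);
    return 1;
}

/* Netmask must be contiguous one-bits followed by zero-bits. */
static int valid_netmask(const char *s) {
    uint32_t m, inv;
    if (!parse_ipv4(s, &m)) return 0;
    inv = ~m;                       /* valid masks invert to 2^k - 1 */
    return (inv & (inv + 1)) == 0;
}

/* Metric: 1 to 4 decimal digits (the bound is an assumption). */
static int valid_metric(const char *s) {
    size_t n = s ? strlen(s) : 0;
    if (n == 0 || n > 4) return 0;
    for (size_t i = 0; i < n; i++)
        if (!isdigit((unsigned char)s[i])) return 0;
    return 1;
}

/* Interface: starts with a letter, then [A-Za-z0-9_.-], at most 15 chars. */
static int valid_ifname(const char *s) {
    size_t n = s ? strlen(s) : 0;
    if (n == 0 || n > 15 || !isalpha((unsigned char)s[0])) return 0;
    for (size_t i = 0; i < n; i++)
        if (!isalnum((unsigned char)s[i]) && !strchr("_.-", s[i])) return 0;
    return 1;
}

/* Hypothetical gate: returns 1 only if all five fields pass the allow-list. */
int route_params_ok(const char *ifname, const char *destip, const char *netmask,
                    const char *gateway, const char *metric) {
    uint32_t ip;
    return valid_ifname(ifname) && parse_ipv4(destip, &ip) &&
           valid_netmask(netmask) && parse_ipv4(gateway, &ip) &&
           valid_metric(metric);
}

int main(void) { return !route_params_ok("br0", "10.0.0.0", "255.255.255.0", "192.168.0.1", "10"); }
```

Input validation of this kind is a second layer of defence. Passing the values as separate argv entries to an exec-family call, rather than formatting them into a shell string, removes the injection sink itself.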
CVSS Details
Attack Vector: NETWORK
Complexity: LOW
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-78, CWE-77