CVE-2026-2175
7.2 HIGHPublished 2026-02-08 · Modified 2026-02-09 · Awaiting Analysis
Quick Summary
A vulnerability in certain D-Link router models allows attackers to remotely inject malicious commands into the device's operating system by manipulating a specific setting. This is a serious flaw because it can give an attacker full control over the router.
Who is affected
Owners of the D-Link DIR-823X router with firmware version 250416 are affected. An attacker on the same network could exploit this to run any command on the device, potentially stealing data or using it to attack other devices.
Recommended fix
Immediately check the D-Link support website for a firmware update that addresses this specific CVE and apply it. If no patch is available, disable the UPnP service in the router's web interface as a temporary mitigation.
Technical Description
A weakness has been identified in D-Link DIR-823X 250416. This vulnerability affects the function sub_420618 of the file /goform/set_upnp. This manipulation of the argument upnp_enable causes os command injection. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks.
CVSS Details
Attack Vector
NETWORK
Complexity
LOW
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CWE
CWE-78, CWE-77