CVE-2026-2260
7.2 HIGHPublished 2026-02-10 · Modified 2026-02-10 · Received
Quick Summary
A vulnerability in certain D-Link camera models allows attackers to remotely execute commands on the device by sending a specially crafted request. This is a serious issue because the exploit is public and the affected devices are no longer receiving security updates.
Who is affected
Owners of D-Link DCS-931L cameras (version 1.13.0 and earlier) are affected. An attacker could take full control of the camera, potentially using it to spy, launch further attacks, or disrupt its operation.
Recommended fix
Since the product is end-of-life and unsupported, the only secure remediation is to physically disconnect and replace the camera. If it must remain in use, isolate it on a separate, firewalled network with no internet access.
Technical Description
A vulnerability was found in D-Link DCS-931L up to 1.13.0. This affects an unknown part of the file /goform/setSysAdmin. The manipulation of the argument AdminID results in os command injection. The attack can be executed remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVSS Details
Attack Vector
NETWORK
Complexity
LOW
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CWE
CWE-78, CWE-77