CVE-2026-2157

D-Link DIR-823X 250416 is affected by CVE-2026-2157. The vulnerability is in the function sub_4175CC of /goform/set_static_route_table, where manipulating arguments (interface, destip, netmask, gateway, metric) enables OS command injection. Attack can be performed remotely and public exploits hav...

CVE-2026-2155

A security flaw has been discovered in D-Link DIR-823X 250416. The affected element is the function sub4208A0 of the file /goform/setdmz of the component Configuration Handler. The manipulation of the argument dmzhost/dmzenable results in os command injection. The attack can be executed remotely...

CVE-2026-2155

A security flaw has been discovered in D-Link DIR-823X 250416. The affected element is the function sub4208A0 of the file /goform/setdmz of the component Configuration Handler. The manipulation of the argument dmzhost/dmzenable results in os command injection. The attack can be executed remotely...

EUVD-2026-5794

A security flaw has been discovered in D-Link DIR-823X 250416. The affected element is the function sub4208A0 of the file /goform/setdmz of the component Configuration Handler. The manipulation of the argument dmzhost/dmzenable results in os command injection. The attack can be executed remotely...

CVE-2026-2152

A vulnerability was found in D-Link DIR-615 4.10. This vulnerability affects unknown code of the file advrouting.php of the component Web Configuration Interface. Performing a manipulation of the argument destip/ submask/ gw results in os command injection. The attack may be initiated remotely. T...

CVE-2026-2152

A vulnerability was found in D-Link DIR-615 4.10. This vulnerability affects unknown code of the file advrouting.php of the component Web Configuration Interface. Performing a manipulation of the argument destip/ submask/ gw results in os command injection. The attack may be initiated remotely. T...

CVE-2026-2081

A vulnerability was determined in D-Link DIR-823X 250416. The affected element is an unknown function of the file /goform/setpassword. This manipulation of the argument httppasswd causes os command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclos...

CVE-2026-2082

A vulnerability was identified in D-Link DIR-823X 250416. The impacted element is an unknown function of the file /goform/setmacclone. Such manipulation of the argument mac leads to os command injection. The attack may be performed from remote. The exploit is publicly available and might be used...

CVE-2026-2085

A security vulnerability has been detected in D-Link DWR-M921 1.1.50. Affected is the function sub419F20 of the file /boafrm/formUSSDSetup of the component USSD Configuration Endpoint. The manipulation of the argument ussdValue leads to command injection. The attack can be initiated remotely. The...

CVE-2026-2152

A vulnerability was found in D-Link DIR-615 4.10. This vulnerability affects unknown code of the file advrouting.php of the component Web Configuration Interface. Performing a manipulation of the argument destip/ submask/ gw results in os command injection. The attack may be initiated remotely. T...

CVE-2026-2152 D-Link DIR-615 Web Configuration adv_routing.php os command injection

A vulnerability was found in D-Link DIR-615 4.10. This vulnerability affects unknown code of the file advrouting.php of the component Web Configuration Interface. Performing a manipulation of the argument destip/ submask/ gw results in os command injection. The attack may be initiated remotely. T...

CVE-2026-2151

A vulnerability has been found in D-Link DIR-615 4.10. This affects an unknown part of the file advfirewall.php of the component DMZ Host Feature. Such manipulation of the argument dmzipaddr leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the...

CVE-2026-2151

A vulnerability has been found in D-Link DIR-615 4.10. This affects an unknown part of the file advfirewall.php of the component DMZ Host Feature. Such manipulation of the argument dmzipaddr leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the...

CVE-2026-2151 D-Link DIR-615 DMZ Host Feature adv_firewall.php os command injection

A vulnerability has been found in D-Link DIR-615 4.10. This affects an unknown part of the file advfirewall.php of the component DMZ Host Feature. Such manipulation of the argument dmzipaddr leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the...

CVE-2026-2142

A weakness has been identified in D-Link DIR-823X 250416. This vulnerability affects the function sub420688 of the file /goform/setqos. Executing a manipulation can lead to os command injection. The attack can be executed remotely. The exploit has been made available to the public and could be us...

CVE-2026-2142

A weakness has been identified in D-Link DIR-823X 250416. This vulnerability affects the function sub420688 of the file /goform/setqos. Executing a manipulation can lead to os command injection. The attack can be executed remotely. The exploit has been made available to the public and could be us...

EUVD-2026-5806

A weakness has been identified in D-Link DIR-823X 250416. This vulnerability affects the function sub420688 of the file /goform/setqos. Executing a manipulation can lead to os command injection. The attack can be executed remotely. The exploit has been made available to the public and could be us...

CVE-2026-2142 D-Link DIR-823X set_qos sub_420688 os command injection

A weakness has been identified in D-Link DIR-823X 250416. This vulnerability affects the function sub420688 of the file /goform/setqos. Executing a manipulation can lead to os command injection. The attack can be executed remotely. The exploit has been made available to the public and could be us...

CVE-2026-2142

A weakness has been identified in D-Link DIR-823X 250416. This vulnerability affects the function sub420688 of the file /goform/setqos. Executing a manipulation can lead to os command injection. The attack can be executed remotely. The exploit has been made available to the public and could be us...

CVE-2026-2142

CVE-2026-2142 concerns D-Link DIR-823X firmware (build 250416). The vulnerability affects the function sub_420688 in /goform/set_qos, allowing remote OS command injection via manipulation of that function. Public exploit code is available, enabling remote attacks with high impact on confidentiali...