Ongoing Attacks Exploiting Critical RCE Vulnerability in Legacy D-Link DSL Routers

A newly discovered critical security flaw in legacy D-Link DSL gateway routers has come under active exploitation in the wild. The vulnerability, tracked as CVE-2026-0625 CVSS score: 9.3, concerns a case of command injection in the "dnscfg.cgi" endpoint that arises as a result of improper...

CVE-2026-0625 D-Link DSL/DIR/DNS Authentication Bypass via DNS Configuration Endpoint

Multiple D-Link DSL/DIR/DNS devices contain an authentication bypass and improper access control vulnerability in the dnscfg.cgi endpoint that allows an unauthenticated attacker to access DNS configuration functionality. By directly requesting this endpoint, an attacker can modify the device’s DN...

CVE-2026-0625

CVE-2026-0625 affects multiple D-Link DSL gateway devices (e.g., DSL-2740R, DSL-2640B, DSL-2780B, DSL-526B). The dnscfg.cgi endpoint permits an unauthenticated remote command injection due to improper sanitization, enabling arbitrary shell commands execution and DNS configuration modification wit...

D-Link多款产品 访问控制错误漏洞

The D-Link DSL-2740R and other products are products of China AUO D-Link.The D-Link DSL-2740R is a high-performance ADSL router.The D-Link DSL-2640B is a wireless ADSL routed broadband cat.The D-Link DSL-2780B is a wireless ADSL routed broadband cat.The D-Link DSL-2780B is a wireless ADSL routed...

PT-2026-1338

Name of the Vulnerable Software and Affected Versions D-Link DSL-2640B versions ≤ 1.07 D-Link DSL-2740R versions 1.17 D-Link DSL-2780B versions ≤ 1.01.14 D-Link DSL-526B versions ≤ 2.01 D-Link DSL gateway devices affected versions not specified Description A critical remote code execution RCE...