CVE-2026-1544

A security flaw has been discovered in D-Link DIR-823X 250416. Impacted is the function sub41E2A0 of the file /goform/setmode. Performing a manipulation of the argument langateway results in os command injection. The attack is possible to be carried out remotely. The exploit has been released to...

CVE-2026-1544

CVE-2026-1544 affects D-Link DIR-823X (firmware 250416). The vulnerability is in the function sub_41E2A0 of /goform/set_mode, where manipulation of the lan_gateway argument enables remote command injection. Exploitation has been publicly released, and the issue affects devices no longer supported...

D-Link DIR-823X: Operating System Command Injection Vulnerability

The D-Link DIR-823X is a wireless router produced by D-Link Corporation. The D-Link DIR-823X 250416 version has a vulnerability related to operating system command injection. This vulnerability stems from incorrect handling of the parameter “langateway” in the function sub41E2A0 within the...

TOTOLINK EX1800T cstecgi.cgi lanGateway Parameter Arbitrary Command Execution Vulnerability

TOTOLINK EX1800T is a Wi-Fi range extender from China's TOTOLINK, which supports Wi-Fi 6 technology and enhances signal coverage by connecting wirelessly to a router, making it suitable for home and small office environments. A command execution vulnerability exists in the TOTOLINK EX1800T, which...