CVE-2026-2084 D-Link DIR-823X set_language os command injection

A weakness has been identified in D-Link DIR-823X 250416. This impacts an unknown function of the file /goform/setlanguage. Executing a manipulation of the argument langSelection can lead to os command injection. It is possible to launch the attack remotely. The exploit has been made available to...

EUVD-2026-5729

A weakness has been identified in D-Link DIR-823X 250416. This impacts an unknown function of the file /goform/setlanguage. Executing a manipulation of the argument langSelection can lead to os command injection. It is possible to launch the attack remotely. The exploit has been made available to...

CVE-2026-2084

CVE-2026-2084 affects D-Link DIR-823X (version 250416). A vulnerability in /goform/set_language arises from manipulating the langSelection argument, enabling OS command injection. Attack can be launched remotely and exploits are publicly available. Red Hat/NVD entries confirm the same details; PT...

CVE-2026-2081

A vulnerability was determined in D-Link DIR-823X 250416. The affected element is an unknown function of the file /goform/setpassword. This manipulation of the argument httppasswd causes os command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclos...

CVE-2026-2082

A vulnerability was identified in D-Link DIR-823X 250416. The impacted element is an unknown function of the file /goform/setmacclone. Such manipulation of the argument mac leads to os command injection. The attack may be performed from remote. The exploit is publicly available and might be used...

CVE-2026-2081

A vulnerability was determined in D-Link DIR-823X 250416. The affected element is an unknown function of the file /goform/setpassword. This manipulation of the argument httppasswd causes os command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclos...

CVE-2026-2082

CVE-2026-2082 affects D-Link DIR-823X (build 250416). The flaw lies in the /goform/set_mac_clone path where manipulating the argument mac allows an os command injection due to an identified vulnerable function. This enables remote attackers to execute commands with high privileges; exploitation i...

EUVD-2026-5731

A vulnerability was identified in D-Link DIR-823X 250416. The impacted element is an unknown function of the file /goform/setmacclone. Such manipulation of the argument mac leads to os command injection. The attack may be performed from remote. The exploit is publicly available and might be used...

CVE-2026-2082 D-Link DIR-823X set_mac_clone os command injection

A vulnerability was identified in D-Link DIR-823X 250416. The impacted element is an unknown function of the file /goform/setmacclone. Such manipulation of the argument mac leads to os command injection. The attack may be performed from remote. The exploit is publicly available and might be used...

CVE-2026-2082 D-Link DIR-823X set_mac_clone os command injection

A vulnerability was identified in D-Link DIR-823X 250416. The impacted element is an unknown function of the file /goform/setmacclone. Such manipulation of the argument mac leads to os command injection. The attack may be performed from remote. The exploit is publicly available and might be used...

EUVD-2026-5732

A vulnerability was determined in D-Link DIR-823X 250416. The affected element is an unknown function of the file /goform/setpassword. This manipulation of the argument httppasswd causes os command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclos...

CVE-2026-2081 D-Link DIR-823X set_password os command injection

A vulnerability was determined in D-Link DIR-823X 250416. The affected element is an unknown function of the file /goform/setpassword. This manipulation of the argument httppasswd causes os command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclos...

CVE-2026-2081

A vulnerability was determined in D-Link DIR-823X 250416. The affected element is an unknown function of the file /goform/setpassword. This manipulation of the argument httppasswd causes os command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclos...

PT-2026-6900

Name of the Vulnerable Software and Affected Versions D-Link DIR-823X version 250416 Description A flaw exists in D-Link DIR-823X 250416 that allows remote attackers to execute operating system commands. This is achieved by manipulating the mac argument within the /goform/set mac clone file throu...

PT-2026-6899

Name of the Vulnerable Software and Affected Versions D-Link DIR-823X version 250416 Description A flaw exists in D-Link DIR-823X version 250416 that allows remote attackers to execute operating system commands. This occurs due to a command injection in an unknown function within the /goform/set...

PT-2026-6902

Name of the Vulnerable Software and Affected Versions D-Link DIR-823X version 250416 Description A weakness exists in D-Link DIR-823X version 250416. A manipulation of the langSelection argument in the file /goform/set language can lead to os command injection. The attack can be launched remotely...

D-Link DIR-823X 操作系统命令注入漏洞

The D-Link DIR-823X is a wireless router produced by D-Link Corporation. The D-Link DIR-823X 250416 version has a vulnerability related to operating system command injection. This vulnerability stems from incorrect handling of the parameter “langSelection” in the file “goform/setlanguage”, which...

CVE-2026-25581

SCEditor is a lightweight WYSIWYG BBCode and XHTML editor. Prior to 3.2.1, if an attacker has the ability control configuration options passed to sceditor.create, like emoticons, charset, etc. then it's possible for them to trigger an XSS attack due to lack of sanitisation of configuration option...

CVE-2026-2063

A security flaw has been discovered in D-Link DIR-823X 250416. This vulnerability affects unknown code of the file /goform/setacserver of the component Web Management Interface. The manipulation of the argument acserver results in os command injection. The attack can be launched remotely. The...

CVE-2026-2063

A security flaw has been discovered in D-Link DIR-823X 250416. This vulnerability affects unknown code of the file /goform/setacserver of the component Web Management Interface. The manipulation of the argument acserver results in os command injection. The attack can be launched remotely. The...