PT-2026-26664 · D Link · D-Link Dir-820L

Junqi

Publicado

2026-03-20

Atualizado

2026-03-21

CVE-2026-4499

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions D-Link DIR-820LW version 2.03

Description A flaw exists in the SSDP component’s ssdpcgi main function that could allow for operating system command injection. Successful exploitation may occur remotely. The exploit has been publicly disclosed.

Recommendations Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, consider disabling the SSDP functionality until a patch is available.

Exploit

Correção

OS Command Injection

Command Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-78CWE-77

Identificadores relacionados

CVE-2026-4499

Produtos afetados

D-Link Dir-820L

PT-2026-26664 · D Link · D-Link Dir-820L

CVE-2026-4499

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 9