PT-2026-6969 · D Link · D-Link Dir-823G

942384053

Publicado

2026-01-27

Atualizado

2026-03-09

CVE-2026-2142

CVSS v2.0

9.0

Alta

Vetor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions D-Link DIR-823X version 250416

Description A flaw exists in the D-Link DIR-823X firmware. This issue affects the sub 420688 function within the /goform/set qos file, potentially allowing for operating system command injection. The attack can be carried out remotely. The exploit code has been publicly released.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

OS Command Injection

Command Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-78CWE-77

Identificadores relacionados

BDU:2026-02471

CVE-2026-2142

Produtos afetados

D-Link Dir-823G

PT-2026-6969 · D Link · D-Link Dir-823G

CVE-2026-2142

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 13