CVE-2026-5844

Name of the Vulnerable Software and Affected Versions D-Link DIR-882 version 1.01B02

Description A flaw exists in the sprintf function within the prog.cgi file of the HNAP1 SetNetworkSettings Handler component. Manipulation of the IPAddress argument can lead to operating system command injection. This issue is remotely exploitable and affects a product no longer supported by the maintainer.

Recommendations Update to a newer version if available. As a temporary workaround, consider disabling the HNAP1 SetNetworkSettings Handler component until a patch is available.