CVE-2026-4499

Name of the Vulnerable Software and Affected Versions D-Link DIR-820LW version 2.03

Description A flaw exists in the SSDP component’s ssdpcgi main function that could allow for operating system command injection. Successful exploitation may occur remotely. The exploit has been publicly disclosed.

Recommendations Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, consider disabling the SSDP functionality until a patch is available.