CVE-2026-4627

Name of the Vulnerable Software and Affected Versions D-Link DIR-825 versions 1.0.5 and 4.5.1 D-Link DIR-825R versions 1.0.5 and 4.5.1

Description A flaw exists in the NTP Service component of D-Link DIR-825 and DIR-825R. The issue is located within the handler update system time function of the libdeuteron modules.so file. Successful manipulation of this function can lead to operating system command injection. The attack can be initiated remotely. It is important to note that this issue only impacts products that are no longer receiving support from the maintainer.

Recommendations D-Link DIR-825 version 1.0.5: At the moment, there is no information about a newer version that contains a fix for this vulnerability. D-Link DIR-825 version 4.5.1: At the moment, there is no information about a newer version that contains a fix for this vulnerability. D-Link DIR-825R version 1.0.5: At the moment, there is no information about a newer version that contains a fix for this vulnerability. D-Link DIR-825R version 4.5.1: At the moment, there is no information about a newer version that contains a fix for this vulnerability.