PT-2026-39536 · D Link · Dcs-935L

0Xcc12138

·

Published

2026-05-10

·

Updated

2026-05-12

·

CVE-2026-8260

CVSS v2.0

9.0

High

VectorAV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions D-Link DCS-935L versions prior to 1.10.01
Description A remote buffer overflow exists in the HNAP Service component within the '/web/cgi-bin/hnap/hnap service' file. The issue occurs during the processing of the SetDeviceSettings() function when the AdminPassword argument is manipulated. This flaw allows attackers to execute arbitrary code remotely.
Recommendations Update to a version later than 1.10.01. As a temporary workaround, disable the HNAP Service to minimize the risk of exploitation.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

BDU:2026-06625
CVE-2026-8260

Affected Products

Dcs-935L