PT-2026-5227 · D Link · Dir-823
Jiefengliang
·
Published
2026-01-14
·
Updated
2026-02-09
·
CVE-2026-1544
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
D-Link DIR-823X version 250416
Description
A security flaw exists in D-Link DIR-823X version 250416. The issue is related to the
sub 41E2A0 function within the /goform/set mode file. Manipulation of the lan gateway argument can lead to operating system command injection. This attack is possible remotely. The exploit has been publicly released. This vulnerability affects products that are no longer supported by the maintainer.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Command Injection
OS Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Dir-823