Back to CVE List

CVE-2026-2143

HIGH SEVERITY

CVSS Score & Metrics

Base Score
7.2 / 10
Vector String
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Vulnerability Description

A security vulnerability has been detected in D-Link DIR-823X 250416. This issue affects some unknown processing of the file /goform/set_ddns of the component DDNS Service. The manipulation of the argument ddnsType/ddnsDomainName/ddnsUserName/ddnsPwd leads to os command injection. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-77
Source
NVD
Vendor
dlink
Product
dir-823x_firmware

External References

Discussion (0)

Add Comment

No comments yet. Be the first!