CVE-2026-2157 | D-Link DIR-823X 250416 set_static_route_table sub_4175CC interface/destip/netmask/gateway/metric os command injection

Inserito da Angelo Barbosa | Feb 7, 2026 | CVE

A vulnerability labeled as critical has been found in D-Link DIR-823X 250416. This affects the function sub_4175CC of the file /goform/set_static_route_table. Such manipulation of the argument interface/destip/netmask/gateway/metric leads to os command injection.

This vulnerability is listed as CVE-2026-2157. The attack may be performed from remote. In addition, an exploit is available.

CVE-2026-2157 | D-Link DIR-823X 250416 set_static_route_table sub_4175CC interface/destip/netmask/gateway/metric os command injection

Post correlati

CVE-2025-12596 | Tenda AC23 16.03.07.52 saveParentControlInfo Time buffer overflow

CVE-2024-51758 | filament up to 3.2.122 default_filesystem_disk insecure default initialization of resource

CVE-2026-1122 | Yonyou KSOA 9.0 HTTP GET Parameter /worksheet/work_info.jsp ID sql injection

CVE-2022-47532 | FileRun 20220519 ?module=users&section=cpanel&page=list dir sql injection (usd-2022-0064)