CVE-2026-2218 | D-Link DCS-933L up to 1.14.11 alphapd /setSystemAdmin AdminID command injection

Inserito da Angelo Barbosa | Feb 8, 2026 | CVE

A vulnerability has been found in D-Link DCS-933L up to 1.14.11 and classified as critical. This affects an unknown function of the file /setSystemAdmin of the component alphapd. This manipulation of the argument AdminID causes command injection. This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is registered as CVE-2026-2218. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

CVE-2026-2218 | D-Link DCS-933L up to 1.14.11 alphapd /setSystemAdmin AdminID command injection

Post correlati

CVE-2024-22347 | IBM UrbanCode Velocity/DevOps Velocity up to 4.0.25 risky encryption

CVE-2025-0444 | Google Chrome up to 132.0.6834.159 Skia use after free (ID 390889)

CVE-2023-6636 | Greenshift Plugin up to 7.6.2 on WordPress unrestricted upload

CVE-2024-42180 | HCL DRYiCE MyXalytics 6.3 unrestricted upload (KB0118149)