CVE-2026-2227 | D-Link DCS-931L up to 1.13.0 /setSystemAdmin doSystem AdminID command injection

Inserito da Angelo Barbosa | Feb 8, 2026 | CVE

A vulnerability marked as critical has been reported in D-Link DCS-931L up to 1.13.0. Impacted is the function doSystem of the file /setSystemAdmin. Performing a manipulation of the argument AdminID results in command injection. This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability was named CVE-2026-2227. The attack may be initiated remotely. In addition, an exploit is available.

CVE-2026-2227 | D-Link DCS-931L up to 1.13.0 /setSystemAdmin doSystem AdminID command injection

Post correlati

CVE-2025-53025 | Oracle VM VirtualBox 7.1.10 Core improper authorization

CVE-2025-25678 | Tenda i12 1.0.0.10(3805) formSetCfm funcpara1 buffer overflow

CVE-2025-40885 | Nozomi Guardian/CMC up to 25.1.x Smart Polling sql injection

CVE-2024-12469 | WP BASE Booking of Appointments, Services and Events Plugin cross site scripting