CVE-2026-13545 | D-Link DCS-935L 1.10.01 POST Parameter setconf.cgi sub_400E40 UID os command injection

Inserito da Angelo Barbosa | Giu 28, 2026 | CVE

A vulnerability labeled as critical has been found in D-Link DCS-935L 1.10.01. This affects the function sub_400E40 of the file setconf.cgi of the component POST Parameter Handler. Such manipulation of the argument UID leads to os command injection.

This vulnerability is uniquely identified as CVE-2026-13545. The attack can be launched remotely. Moreover, an exploit is present.

CVE-2026-13545 | D-Link DCS-935L 1.10.01 POST Parameter setconf.cgi sub_400E40 UID os command injection

Post correlati

CVE-2025-5928 | WP Sliding Login Dashboard Panel Plugin up to 2.1.1 on WordPress Setting wp_sliding_panel_user_options cross-site request forgery

CVE-2026-32842 | Edimax GS-5008PL up to 1.00.54 cleartext storage

CVE-2024-4839 | parisneo lollms-webui up to 9.6 XTTS Service cross-site request forgery

CVE-2024-29975 | Zyxel NAS326/NAS542 prior 5.21 privileges management