CVE-2026-2155 | D-Link DIR-823X 250416 Configuration /goform/set_dmz sub_4208A0 dmz_host/dmz_enable os command injection

Inserito da Angelo Barbosa | Feb 7, 2026 | CVE

A vulnerability categorized as critical has been discovered in D-Link DIR-823X 250416. The affected element is the function sub_4208A0 of the file /goform/set_dmz of the component Configuration Handler. The manipulation of the argument dmz_host/dmz_enable results in os command injection.

This vulnerability is identified as CVE-2026-2155. The attack can be executed remotely. Additionally, an exploit exists.

CVE-2026-2155 | D-Link DIR-823X 250416 Configuration /goform/set_dmz sub_4208A0 dmz_host/dmz_enable os command injection

Post correlati

CVE-2023-6202 | Mattermost up to 7.8.12/8.1.3/9.0.1/9.1.0 users access control

CVE-2024-26620 | Linux Kernel up to 6.1.75/6.6.14/6.7.2 vfio-ap vfio_ap_mdev_filter_matrix Privilege Escalation

CVE-2024-29024 | JumpServer up to 3.10.5 authorization (GHSA-8wqm-rfc7-q27q)

CVE-2024-13542 | pagup WP Google Street View & Google maps and Local SEO Plugin Shortcode wpgsv cross site scripting