CVE-2026-2163 | D-Link DIR-600 up to 2.15WWb02 ssdp.cgi HTTP_ST/REMOTE_ADDR/REMOTE_PORT/SERVER_ID command injection

Inserito da Angelo Barbosa | Feb 7, 2026 | CVE

A vulnerability, which was classified as critical, was found in D-Link DIR-600 up to 2.15WWb02. This vulnerability affects unknown code of the file ssdp.cgi. Such manipulation of the argument HTTP_ST/REMOTE_ADDR/REMOTE_PORT/SERVER_ID leads to command injection. This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is traded as CVE-2026-2163. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2026-2163 | D-Link DIR-600 up to 2.15WWb02 ssdp.cgi HTTP_ST/REMOTE_ADDR/REMOTE_PORT/SERVER_ID command injection

Post correlati

CVE-2025-22226 | VMware Workstation out-of-bounds

CVE-2024-0470 | code-projects Human Resource Integrated System 1.0 inc_service_credits.php id sql injection

CVE-2025-12868 | CyberTutor New Site Server client-side authentication

CVE-2024-3989 | HT Mega Plugin up to 2.5.0 on WordPress Gallery Justify cross site scripting