CVE-2026-2227 | D-Link DCS-931L up to 1.13.0 /setSystemAdmin doSystem AdminID command injection

Inserito da Angelo Barbosa | Feb 8, 2026 | CVE

A vulnerability marked as critical has been reported in D-Link DCS-931L up to 1.13.0. Impacted is the function doSystem of the file /setSystemAdmin. Performing a manipulation of the argument AdminID results in command injection. This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability was named CVE-2026-2227. The attack may be initiated remotely. In addition, an exploit is available.

CVE-2026-2227 | D-Link DCS-931L up to 1.13.0 /setSystemAdmin doSystem AdminID command injection

Post correlati

CVE-2025-1259 | Arista EOS up to 4.33.1 OpenConfig access control

CVE-2023-48248 | Rexroth Nexo Cordless Nutrunner up to V1500-SP2 URL cross site scripting

CVE-2024-32983 | Misskey prior 2024.5.0 authorization (GHSA-2vxv-pv3m-3wvj)

CVE-2025-56816 | Datart 1.0.0-rc.3 YAML File jdbc-driver-ext.yml load/loadAs path traversal