CVE-2026-2129
HIGHCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
3Description
A vulnerability was found in D-Link DIR-823X 250416. Affected by this issue is some unknown functionality of the file /goform/set_ac_status. Performing a manipulation of the argument ac_ipaddr/ac_ipstatus/ap_randtime results in os command injection. The attack may be initiated remotely. The exploit has been made public and could be used.
Analysis
Unauthenticated remote attackers can execute arbitrary OS commands on D-Link DIR-823X routers through command injection in the /goform/set_ac_status endpoint via manipulation of ac_ipaddr, ac_ipstatus, or ap_randtime parameters. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at immediate risk.
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Identify and inventory all D-Link DIR-823X 250416 devices in your environment and isolate them from critical network segments if possible. Within 7 days: Implement network segmentation to restrict access to affected router management interfaces and enable access logging. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today