← Back to CVEs
CVE-2026-1685
LOW3.7
Description
A vulnerability was identified in D-Link DIR-823X 250416. This vulnerability affects the function sub_40AC74 of the component Login. Such manipulation leads to improper restriction of excessive authentication attempts. The attack may be performed from remote. This attack is characterized by high complexity. It is stated that the exploitability is difficult. The exploit is publicly available and might be used.
CVE Details
CVSS v3.1 Score3.7
SeverityLOW
CVSS VectorCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Attack VectorNETWORK
ComplexityHIGH
Privileges RequiredNONE
User InteractionNONE
Published1/30/2026
Last Modified4/29/2026
Sourcenvd
Honeypot Sightings0
Affected Products
dlink:dir-823xdlink:dir-823x_firmware
Weaknesses (CWE)
CWE-307CWE-799
References
https://github.com/master-abc/cve/issues/17(cna@vuldb.com)
https://vuldb.com/?ctiid.343479(cna@vuldb.com)
https://vuldb.com/?id.343479(cna@vuldb.com)
https://vuldb.com/?submit.740886(cna@vuldb.com)
https://www.dlink.com/(cna@vuldb.com)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.