← Retour aux CVEs
CVE-2026-1685
LOW3.7
Description
A vulnerability was identified in D-Link DIR-823X 250416. This vulnerability affects the function sub_40AC74 of the component Login. Such manipulation leads to improper restriction of excessive authentication attempts. The attack may be performed from remote. This attack is characterized by high complexity. It is stated that the exploitability is difficult. The exploit is publicly available and might be used.
Details CVE
Score CVSS v3.13.7
SeveriteLOW
Vecteur CVSSCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Vecteur d'attaqueNETWORK
ComplexiteHIGH
Privileges requisNONE
Interaction utilisateurNONE
Publie1/30/2026
Derniere modification4/29/2026
Sourcenvd
Observations honeypot0
Produits affectes
dlink:dir-823xdlink:dir-823x_firmware
Faiblesses (CWE)
CWE-307CWE-799
References
https://github.com/master-abc/cve/issues/17(cna@vuldb.com)
https://vuldb.com/?ctiid.343479(cna@vuldb.com)
https://vuldb.com/?id.343479(cna@vuldb.com)
https://vuldb.com/?submit.740886(cna@vuldb.com)
https://www.dlink.com/(cna@vuldb.com)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.