A critical security flaw in legacy D-Link DSL gateway routers has been actively exploited, posing an immediate threat to users. This vulnerability, tracked as CVE-2026-0625, carries an extremely high CVSS score of 9.3. The root cause is a command injection issue within the “dnscfg.cgi” endpoint.
Technically, the flaw stems from the improper sanitization of user-supplied DNS configuration parameters. Exploiting this defect allows an unauthenticated remote attacker to inject crafted commands into the device, potentially achieving Remote Code Execution (RCE).
The exploitation of routers, which often form the periphery of network infrastructure, constitutes a severe threat to the entire security chain, including environments utilizing Web3 services. This incident highlights the inherent risks associated with the prolonged use of legacy hardware and underscores the critical importance of rigorous input validation practices.
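The input validation the summary calls for, sketched for DNS server parameters. This is an added example, not D-Link firmware code and not taken from the advisory; the function names and the resolv.conf-style output are assumptions made for illustration. Each value must parse as exactly one IP literal, is re-serialized before use, and never reaches a shell.

```c
#include <arpa/inet.h>
#include <stdio.h>
#include <string.h>

/* Added example, not D-Link firmware code. Function names and the
 * resolv.conf-style output are assumptions made for illustration. */

/* Accept a DNS server value only if it parses as exactly one IPv4 or IPv6
 * literal, then re-serialize it so downstream code never sees raw input.
 * Returns 0 on success, -1 on rejection. */
int canonical_dns_server(const char *input, char *out, size_t outlen)
{
    unsigned char addr[sizeof(struct in6_addr)];
    int family;

    if (input == NULL || out == NULL || input[0] == '\0')
        return -1;
    /* Bound the length before parsing: no terminator within the longest
     * valid address text means the value cannot be an address. */
    if (memchr(input, '\0', INET6_ADDRSTRLEN) == NULL)
        return -1;

    if (inet_pton(AF_INET, input, addr) == 1)
        family = AF_INET;
    else if (inet_pton(AF_INET6, input, addr) == 1)
        family = AF_INET6;
    else
        return -1;   /* spaces, ';', '|', '$(', hostnames, etc. land here */

    return inet_ntop(family, addr, out, (socklen_t)outlen) ? 0 : -1;
}

/* Render resolver config from two request values without using a shell.
 * Fails closed: one bad value rejects the whole request.
 * Returns bytes written, or -1. */
int render_resolver_config(const char *primary, const char *secondary,
                           char *buf, size_t buflen)
{
    char a[INET6_ADDRSTRLEN], b[INET6_ADDRSTRLEN];
    int n;

    if (canonical_dns_server(primary, a, sizeof a) != 0 ||
        canonical_dns_server(secondary, b, sizeof b) != 0)
        return -1;
    n = snprintf(buf, buflen, "nameserver %s\nnameserver %s\n", a, b);
    return (n < 0 || (size_t)n >= buflen) ? -1 : n;
}
```

An allow-list parse like this rejects anything that is not an address, so it does not depend on enumerating dangerous characters.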
Source: Ongoing Attacks Exploiting Critical RCE Vulnerability in Legacy D-Link DSL Routers
Active Exploitation Confirmed for Critical RCE Vulnerability (CVE-2026-0625) in Legacy D-Link DSL Routers