Critical RCE Vulnerability in Legacy D-Link Routers Under Active Exploitation: Implications for Web3 Infrastructure Security (CVE-2026-0625)

While the primary focus in Web3 security typically centers on smart contracts and protocol design, threats originating from foundational infrastructure layers pose a significant and often underestimated risk. A newly discovered critical Remote Code Execution (RCE) vulnerability (CVE-2026-0625, CVSS 9.3) affecting legacy D-Link DSL gateway routers is now under active exploitation in the wild.
The flaw is a command injection in the “dnscfg.cgi” endpoint, caused by improper sanitization of user-supplied DNS configuration parameters. Because an unauthenticated remote attacker can inject arbitrary commands, the vulnerability is extremely dangerous and threatens the integrity of any network that relies on these devices.
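The missing control described above is strict validation of the DNS server value before it reaches any command or config file. The following is an added example, not D-Link firmware code; the function names and the `nameserver` output line are assumptions for illustration, and the sample inputs are constructed.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>

/* Accept only a literal IPv4/IPv6 address; reject everything else. */
int is_valid_dns_server(const char *s)
{
    unsigned char buf[sizeof(struct in6_addr)];
    size_t n = s ? strlen(s) : 0;

    if (n == 0 || n >= INET6_ADDRSTRLEN)
        return 0;
    /* Allow-list the alphabet: hex digits, '.' and ':' only. */
    if (strspn(s, "0123456789abcdefABCDEF.:") != n)
        return 0;
    /* Require a full parse; inet_pton() rejects trailing characters. */
    return inet_pton(AF_INET, s, buf) == 1 || inet_pton(AF_INET6, s, buf) == 1;
}

/* Emit "nameserver <addr>\n" from the re-serialized parsed address,
 * never from the raw input. Returns 0 on success, -1 on rejection. */
int format_nameserver_line(const char *input, char *out, size_t outlen)
{
    unsigned char addr[sizeof(struct in6_addr)];
    char canon[INET6_ADDRSTRLEN];
    int af;

    if (!is_valid_dns_server(input))
        return -1;
    af = (inet_pton(AF_INET, input, addr) == 1) ? AF_INET : AF_INET6;
    if (af == AF_INET6 && inet_pton(AF_INET6, input, addr) != 1)
        return -1;
    if (inet_ntop(af, addr, canon, sizeof canon) == NULL)
        return -1;
    if ((size_t)snprintf(out, outlen, "nameserver %s\n", canon) >= outlen)
        return -1;
    return 0;
}

int main(void)
{
    /* Constructed sample inputs: two valid addresses, two rejected values. */
    const char *samples[] = { "192.0.2.53", "2001:db8::53", "192.0.2.53;x", "" };
    char line[64];
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-16s -> %s\n", samples[i],
               format_nameserver_line(samples[i], line, sizeof line) == 0 ? "accepted" : "rejected");
    return 0;
}
```

Writing the canonical form produced by `inet_ntop()` means the stored value is always one the parser generated, so no byte of the original request body is passed on.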
For Web3 participants, a compromised network router can be catastrophic. If an attacker gains control of the gateway, they can execute sophisticated DNS hijacking attacks, redirecting users attempting to access legitimate DEXs or wallet management interfaces to malicious phishing sites designed specifically to harvest private keys or seed phrases. We strongly urge all readers to immediately audit their network hardware. If any affected D-Link models are in use, immediate migration to securely patched or supported devices is essential. Robust physical and network security practices are non-negotiable for digital asset protection.


Source: Ongoing Attacks Exploiting Critical RCE Vulnerability in Legacy D-Link DSL Routers
