While the focus of Web3 security often gravitates towards smart contracts and wallet logic, vulnerabilities in foundational network infrastructure can critically undermine the protection of digital assets. Active exploitation has been confirmed against a critical Remote Code Execution (RCE) flaw (CVE-2026-0625, CVSS 9.3) discovered in legacy D-Link DSL gateway routers. This vulnerability stems from a command injection flaw within the “dnscfg.cgi” endpoint of the router’s configuration interface. The core issue lies in the improper sanitization of user-supplied DNS configuration parameters, allowing an unauthenticated remote attacker to inject arbitrary system commands and gain full control over the router.

As Web3 security experts, we cannot overlook the profound risks posed by this edge device vulnerability. Attackers exploiting this flaw could monitor and manipulate all traffic traversing the home network. This opens the door to severe threats such as DNS hijacking, redirecting users to sophisticated phishing sites targeting crypto wallets, or using the compromised router as a pivot point for lateral movement against Web3-related devices (e.g., PCs running hot wallets) within the local network.

Users still utilizing these legacy devices are strongly advised to cease use immediately or isolate them completely from the external network. Protecting the future of Web3 requires not only meticulous smart contract audits but also uncompromising security hardening of the network edge utilized by every user.
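
As an added example (not from the source article or from D-Link), the following defender-side check scans HTTP access logs captured in front of a gateway and flags requests to dnscfg.cgi that originate outside the LAN or carry shell metacharacters in a parameter value. The log format, the LAN range, the parameter names `dns1`/`dns2` and the sample lines are assumptions constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import parse_qsl, urlsplit

# Assumption: the home LAN range; adjust to the network being monitored.
LAN = ipaddress.ip_network("192.168.1.0/24")
# Characters a shell treats specially; none belong in a DNS server address.
SHELL_META = re.compile(r"[;&|`$(){}<>\\\n\r]")
# Common Log Format: source address, request line, status code.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')

# Constructed sample lines (not real traffic); dns1/dns2 are hypothetical names.
SAMPLE_LOG = """\
192.168.1.10 - - [01/Jan/2026:10:00:00 +0000] "GET /dnscfg.cgi?dns1=192.0.2.53&dns2=192.0.2.54 HTTP/1.1" 200 512
203.0.113.7 - - [01/Jan/2026:10:05:00 +0000] "GET /dnscfg.cgi?dns1=192.0.2.53%3BPLACEHOLDER HTTP/1.1" 200 512
203.0.113.9 - - [01/Jan/2026:10:06:00 +0000] "GET /dnscfg.cgi?dns1=198.51.100.1 HTTP/1.1" 200 512
192.168.1.10 - - [01/Jan/2026:10:07:00 +0000] "GET /index.html HTTP/1.1" 200 1024
"""

def findings(log_text, lan=LAN):
    """Return (source, reasons) for each suspicious dnscfg.cgi request."""
    out = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        src, _method, target, _status = m.groups()
        url = urlsplit(target)
        if not url.path.lower().endswith("/dnscfg.cgi"):
            continue
        reasons = []
        try:
            outside = ipaddress.ip_address(src) not in lan
        except ValueError:  # source logged as a hostname: treat as external
            outside = True
        if outside:
            reasons.append("request from outside LAN")
        # parse_qsl URL-decodes values, so encoded metacharacters are caught too.
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            if SHELL_META.search(value):
                reasons.append(f"shell metacharacter in {name}")
        if reasons:
            out.append((src, reasons))
    return out

if __name__ == "__main__":
    for src, reasons in findings(SAMPLE_LOG):
        print(src, "; ".join(reasons))
```

Any hit from outside the LAN means the configuration interface is reachable from the external network, which is the exposure the advice above tells users to eliminate.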
Source: Ongoing Attacks Exploiting Critical RCE Vulnerability in Legacy D-Link DSL Routers


