Threat Intelligence / CVE / CVE-2026-2142

CVE-2026-2142

CVSS 7.2 (HIGH) · EPSS 0.1% · Published 2026-02-08

A weakness has been identified in D-Link DIR-823X 250416. This vulnerability affects the function sub_420688 of the file /goform/set_qos. Executing a manipulation can lead to os command injection. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks.

CVSS v3 vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-77, CWE-78

Threats tracking this CVE

CVE-2025-29635 — Mirai Variant Campaign Recruiting D-Link DIR-823X Routers via /goform/set_prohibiting Command Injection — HIGH

References

https://github.com/master-abc/cve/issues/29
https://vuldb.com/?ctiid.344777
https://vuldb.com/?id.344777
https://vuldb.com/?submit.747428
https://www.dlink.com/

Full detection coverage & IOCs for threats exploiting CVE-2026-2142 are available via the Threadlinqs MCP server (Purple tier). View plans →

Markdown version · Threadlinqs Intelligence