ГлавнаяУязвимости → CVE-2026-8260
8.8высокая

CVE-2026-8260

Описание

A vulnerability was found in D-Link DCS-935L up to 1.10.01. The impacted element is the function SetDeviceSettings of the file /web/cgi-bin/hnap/hnap_service of the component HNAP Service. The manipulation of the argument AdminPassword results in buffer overflow. The attack can be executed remotely. The exploit has been made public and could be used.

Затрагиваемое ПО
Dlink Dcs-935l firmwareDlink Dcs-935l
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/0xcc12138/DCS-935L-HNAP-Service-CVEhttps://vuldb.com/submit/809888https://vuldb.com/vuln/362557https://vuldb.com/vuln/362557/ctihttps://www.dlink.com/