{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-5844", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-04-08T18:25:11.487Z", "datePublished": "2026-04-09T04:45:13.697Z", "dateUpdated": "2026-04-09T12:41:29.493Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-09T04:45:13.697Z"}, "title": "D-Link DIR-882 HNAP1 SetNetworkSettings prog.cgi sprintf os command injection", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-78", "lang": "en", "description": "OS Command Injection"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-77", "lang": "en", "description": "Command Injection"}]}], "affected": [{"vendor": "D-Link", "product": "DIR-882", "versions": [{"version": "1.01B02", "status": "affected"}], "modules": ["HNAP1 SetNetworkSettings Handler"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in D-Link DIR-882 1.01B02. Impacted is the function sprintf of the file prog.cgi of the component HNAP1 SetNetworkSettings Handler. The manipulation of the argument IPAddress results in os command injection. The attack may be performed from remote. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 8.6, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P", "baseSeverity": "HIGH"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R", "baseSeverity": "HIGH"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 7.2, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R", "baseSeverity": "HIGH"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 8.3, "vectorString": "AV:N/AC:L/Au:M/C:C/I:C/A:C/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-04-08T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-04-08T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-04-08T20:49:47.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "meshaal (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/vuln/356329", "name": "VDB-356329 | D-Link DIR-882 HNAP1 SetNetworkSettings prog.cgi sprintf os command injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/356329/cti", "name": "VDB-356329 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/790290", "name": "Submit #790290 | D-Link DIR-882 1.01B02 OS Command Injection", "tags": ["third-party-advisory"]}, {"url": "https://files.catbox.moe/ei31k1.zip", "tags": ["exploit"]}, {"url": "https://www.dlink.com/", "tags": ["product"]}], "tags": ["unsupported-when-assigned"]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-09T12:41:21.854617Z", "id": "CVE-2026-5844", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-09T12:41:29.493Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-5844", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-09T12:41:21.854617Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-09T12:41:25.511Z"}}], "cna": {"tags": ["unsupported-when-assigned"], "title": "D-Link DIR-882 HNAP1 SetNetworkSettings prog.cgi sprintf os command injection", "credits": [{"lang": "en", "type": "reporter", "value": "meshaal (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 8.6, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 7.2, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 7.2, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 8.3, "vectorString": "AV:N/AC:L/Au:M/C:C/I:C/A:C/E:POC/RL:ND/RC:UR"}}], "affected": [{"vendor": "D-Link", "modules": ["HNAP1 SetNetworkSettings Handler"], "product": "DIR-882", "versions": [{"status": "affected", "version": "1.01B02"}]}], "timeline": [{"lang": "en", "time": "2026-04-08T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-04-08T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-04-08T20:49:47.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/vuln/356329", "name": "VDB-356329 | D-Link DIR-882 HNAP1 SetNetworkSettings prog.cgi sprintf os command injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/356329/cti", "name": "VDB-356329 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/790290", "name": "Submit #790290 | D-Link DIR-882 1.01B02 OS Command Injection", "tags": ["third-party-advisory"]}, {"url": "https://files.catbox.moe/ei31k1.zip", "tags": ["exploit"]}, {"url": "https://www.dlink.com/", "tags": ["product"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in D-Link DIR-882 1.01B02. Impacted is the function sprintf of the file prog.cgi of the component HNAP1 SetNetworkSettings Handler. The manipulation of the argument IPAddress results in os command injection. The attack may be performed from remote. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-78", "description": "OS Command Injection"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-77", "description": "Command Injection"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-09T04:45:13.697Z"}}}, "cveMetadata": {"cveId": "CVE-2026-5844", "state": "PUBLISHED", "dateUpdated": "2026-04-09T12:41:29.493Z", "dateReserved": "2026-04-08T18:25:11.487Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-04-09T04:45:13.697Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"cveTags": [{"sourceIdentifier": "cna@vuldb.com", "tags": ["unsupported-when-assigned"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in D-Link DIR-882 1.01B02. Impacted is the function sprintf of the file prog.cgi of the component HNAP1 SetNetworkSettings Handler. The manipulation of the argument IPAddress results in os command injection. The attack may be performed from remote. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer."}], "id": "CVE-2026-5844", "lastModified": "2026-04-09T05:16:06.653", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "MULTIPLE", "availabilityImpact": "COMPLETE", "baseScore": 8.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:M/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 6.4, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "HIGH", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-04-09T05:16:06.653", "references": [{"source": "cna@vuldb.com", "url": "https://files.catbox.moe/ei31k1.zip"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/submit/790290"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/356329"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/356329/cti"}, {"source": "cna@vuldb.com", "url": "https://www.dlink.com/"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-77"}, {"lang": "en", "value": "CWE-78"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.01B02"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "DIR-882", "source": "cna", "vendor": "D-Link"}, "product": "dir-882", "vendor": "d-link"}], "analysis": {"en": {"generated_at": "2026-04-09T06:21:12.665205+00:00", "value": {"mitigation_remediation": ["Update the router firmware to the latest supported release from D-Link.", "If an update is unavailable, block or disable the HNAP interface or restrict access to the device to trusted local networks.", "Monitor network traffic for attempts to exploit the HNAP SetNetworkSettings endpoint and apply firewall rules as needed."], "summary": {"action": "Patch Immediately", "impact": "Remote OS Command Injection"}, "threat_synthesis": {"affected_systems": "The vulnerability affects D-Link DIR\u2011882 routers running firmware version 1.01B02, which is no longer supported by the manufacturer.", "description_and_impact": "A remote attacker can manipulate the IPAddress parameter in the HNAP1 SetNetworkSettings Handler of a D-Link DIR\u2011882 router to inject operating system commands via a vulnerable sprintf call. This leads to arbitrary code execution on the device, allowing full control and potential compromise of the network.", "risk_and_exploitability": "With a CVSS score of 8.6 the issue is considered high severity. No EPSS score is available, and the vulnerability is not listed in the CISA KEV catalog. The exploit is publicly known and can be triggered without authentication from any remote host. Due to the lack of active support, users are at significant risk if the device remains exposed."}}}}, "created": "2026-04-09T08:15:30.729187+00:00", "updated": "2026-04-09T08:24:57.649336+00:00", "vendors": ["d-link", "d-link$PRODUCT$dir-882"]}