CVE-2026-1685

Summary

A vulnerability was identified in D-Link DIR-823X 250416. This vulnerability affects the function sub_40AC74 of the component Login. Such manipulation leads to improper restriction of excessive authentication attempts. The attack may be performed from remote. This attack is characterized by high complexity. It is stated that the exploitability is difficult. The exploit is publicly available and might be used.

Affected Software

VendorProductVersion RangeStatus
D-LinkDIR-823X250416affected

Weaknesses

  • CWE-307: Improper Restriction of Excessive Authentication Attempts
  • CWE-799: Improper Control of Interaction Frequency

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References