CVE-2026-0625CRITICALCVSS 9.3v02026-01-05
CVE-2026-0625 [CRITICAL] CWE-306 CVE-2026-0625: Multiple D-Link DSL/DIR/DNS devices contain an authentication bypass and improper access control vul
Multiple D-Link DSL/DIR/DNS devices contain an authentication bypass and improper access control vulnerability in the dnscfg.cgi endpoint that allows an unauthenticated attacker to access DNS configuration functionality. By directly requesting this endpoint, an attacker can modify the device’s DNS settings without valid credentials, enabling DNS hij
cvelistv5nvd