CVE-2026-2129 – D-Link DIR-823X set_ac_status os command injection

CVE ID : CVE-2026-2129

Published : Feb. 8, 2026, 2:15 a.m. | 1 hour, 3 minutes ago

Description : A vulnerability was found in D-Link DIR-823X 250416. Affected by this issue is some unknown functionality of the file /goform/set_ac_status. Performing a manipulation of the argument ac_ipaddr/ac_ipstatus/ap_randtime results in os command injection. The attack may be initiated remotely. The exploit has been made public and could be used.

Severity: 8.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…