Sign-up

ID

VAR-202602-0405


CVE

CVE-2026-2218


DESCRIPTION

A vulnerability was determined in D-Link DCS-933L up to 1.14.11. This affects an unknown function of the file /setSystemAdmin of the component alphapd. This manipulation of the argument AdminID causes command injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. This vulnerability only affects products that are no longer supported by the maintainer.

Trust: 1.0

sources: NVD: CVE-2026-2218

AFFECTED PRODUCTS

vendor:dlinkmodel:dcs-933lscope:lteversion:1.14.11

Trust: 1.0

sources: NVD: CVE-2026-2218

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com: CVE-2026-2218
value: LOW

Trust: 1.0

nvd@nist.gov: CVE-2026-2218
value: HIGH

Trust: 1.0

cna@vuldb.com: CVE-2026-2218
severity: MEDIUM
baseScore: 6.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

cna@vuldb.com: CVE-2026-2218
baseSeverity: MEDIUM
baseScore: 6.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: LOW
exploitabilityScore: 2.8
impactScore: 3.4
version: 3.1

Trust: 1.0

nvd@nist.gov: CVE-2026-2218
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: NVD: CVE-2026-2218 // NVD: CVE-2026-2218

PROBLEMTYPE DATA

problemtype:CWE-77

Trust: 1.0

problemtype:CWE-74

Trust: 1.0

sources: NVD: CVE-2026-2218

EXTERNAL IDS

db:VULDBid:344936

Trust: 1.0

db:NVDid:CVE-2026-2218

Trust: 1.0

sources: NVD: CVE-2026-2218

REFERENCES

url:https://github.com/jinhao118/cve/blob/main/d-link%20dcs933l_v1.14.11.md#poc

Trust: 1.0

url:https://vuldb.com/?id.344936

Trust: 1.0

url:https://vuldb.com/?submit.753247

Trust: 1.0

url:https://vuldb.com/?ctiid.344936

Trust: 1.0

url:https://github.com/jinhao118/cve/blob/main/d-link%20dcs933l_v1.14.11.md

Trust: 1.0

url:https://www.dlink.com/

Trust: 1.0

sources: NVD: CVE-2026-2218

SOURCES

db:NVDid:CVE-2026-2218

LAST UPDATE DATE

2026-02-12T23:31:07.263000+00:00


SOURCES UPDATE DATE

db:NVDid:CVE-2026-2218date:2026-02-11T18:33:50.317

SOURCES RELEASE DATE

db:NVDid:CVE-2026-2218date:2026-02-09T06:16:25.013