Sign-up

ID

VAR-202606-0933


CVE

CVE-2026-11492


TITLE

D-Link Corporation of DIR-823G  Multiple vulnerabilities in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2026-019078

DESCRIPTION

A security flaw has been discovered in D-Link DIR-823G 1.0.2B05. The affected element is an unknown function of the file /etc/vsftpd.conf of the component vsftpd. Performing a manipulation results in least privilege violation. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks. Techniques exploiting this vulnerability have been publicly disclosed and could be used in attacks.- All information handled by the software may be leaked to external parties. - All information handled by the software may be overwritten. - The software may completely shut down

Trust: 1.62

sources: NVD: CVE-2026-11492 // JVNDB: JVNDB-2026-019078

AFFECTED PRODUCTS

vendor:dlinkmodel:dir-823gscope:eqversion:1.0.2b05

Trust: 1.0

vendor:d linkmodel:dir-823gscope:eqversion: -

Trust: 0.8

vendor:d linkmodel:dir-823gscope:eqversion:dir-823g firmware 1.0.2b05

Trust: 0.8

vendor:d linkmodel:dir-823gscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2026-019078 // NVD: CVE-2026-11492

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com: CVE-2026-11492
value: LOW

Trust: 1.0

nvd@nist.gov: CVE-2026-11492
value: HIGH

Trust: 1.0

OTHER: JVNDB-2026-019078
value: HIGH

Trust: 0.8

cna@vuldb.com: CVE-2026-11492
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

OTHER: JVNDB-2026-019078
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

cna@vuldb.com: CVE-2026-11492
baseSeverity: MEDIUM
baseScore: 4.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 1.4
version: 3.1

Trust: 1.0

nvd@nist.gov: CVE-2026-11492
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: JVNDB-2026-019078
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2026-019078 // NVD: CVE-2026-11492 // NVD: CVE-2026-11492

PROBLEMTYPE DATA

problemtype:CWE-266

Trust: 1.0

problemtype:CWE-272

Trust: 1.0

problemtype:Improper permission settings (CWE-266) [ others ]

Trust: 0.8

problemtype: Violation of least privilege (CWE-272) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2026-019078 // NVD: CVE-2026-11492

PATCH

title://vuldb.com/vuln/369112url:https://www.notion.so/D-Link-DIR823G-V1-0-2B05_20181207-3671f5ba989080ac97fdc36d2fb5e57d?source=copy_link

Trust: 0.8

sources: JVNDB: JVNDB-2026-019078

EXTERNAL IDS

db:NVDid:CVE-2026-11492

Trust: 2.6

db:JVNDBid:JVNDB-2026-019078

Trust: 0.8

sources: JVNDB: JVNDB-2026-019078 // NVD: CVE-2026-11492

REFERENCES

url:https://www.dlink.com/

Trust: 1.8

url:https://vuldb.com/vuln/369112

Trust: 1.0

url:https://www.notion.so/d-link-dir823g-v1-0-2b05_20181207-3671f5ba989080ac97fdc36d2fb5e57d?source=copy_link

Trust: 1.0

url:https://vuldb.com/cve/cve-2026-11492

Trust: 1.0

url:https://vuldb.com/vuln/369112/cti

Trust: 1.0

url:https://vuldb.com/submit/834816

Trust: 1.0

url:https://nvd.nist.gov/vuln/detail/cve-2026-11492

Trust: 0.8

sources: JVNDB: JVNDB-2026-019078 // NVD: CVE-2026-11492

SOURCES

db:JVNDBid:JVNDB-2026-019078
db:NVDid:CVE-2026-11492

LAST UPDATE DATE

2026-06-19T22:48:32.296000+00:00


SOURCES UPDATE DATE

db:JVNDBid:JVNDB-2026-019078date:2026-06-10T05:31:00
db:NVDid:CVE-2026-11492date:2026-06-09T16:17:15.573

SOURCES RELEASE DATE

db:JVNDBid:JVNDB-2026-019078date:2026-06-10T00:00:00
db:NVDid:CVE-2026-11492date:2026-06-08T07:16:26.850