D-Link DIR-823X Login sub_40AC74 excessive authentication_CVE-2026-1685

6.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was identified in D-Link DIR-823X 250416. This vulnerability affects the function sub_40AC74 of the component Login. Such manipulation leads to improper restriction of excessive authentication attempts. The attack may be performed from remote. This attack is characterized by high complexity. It is stated that the exploitability is difficult. The exploit is publicly available and might be used.

Basic Information

ID CVE-2026-1685

Source VulDB

Published Jan 30, 2026 at 14:32

Modified Jan 30, 2026 at 14:55

Affected Product

Vendor D-Link

Product DIR-823X

Version 250416

Affected Versions D-Link DIR-823X 250416

CWE Classification

CWE-307 CWE-799

References

{
    "lastseen": "",
    "description": "A vulnerability was identified in D-Link DIR-823X 250416. This vulnerability affects the function sub_40AC74 of the component Login. Such manipulation leads to improper restriction of excessive authentication attempts. The attack may be performed from remote. This attack is characterized by high complexity. It is stated that the exploitability is difficult. The exploit is publicly available and might be used.",
    "published": "2026-01-30T14:32:10.501Z",
    "modified": "2026-01-30T14:55:54.845Z",
    "type": "cve",
    "title": "D-Link DIR-823X Login sub_40AC74 excessive authentication",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.343479\nhttps://vuldb.com/?ctiid.343479\nhttps://vuldb.com/?submit.740886\nhttps://github.com/master-abc/cve/issues/17\nhttps://www.dlink.com/",
    "id": "CVE-2026-1685",
    "bulletinFamily": "",
    "cwe": [
        "CWE-307",
        "CWE-799"
    ],
    "cvelist": null,
    "sourceData": "D-Link DIR-823X 250416",
    "sourceHref": "",
    "cvss": {
        "score": 6.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "DIR-823X",
    "version": "250416",
    "vendor": "D-Link",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}