D-Link DIR-823X set_mac_clone os command injection_CVE-2026-2082

5.1 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was identified in D-Link DIR-823X 250416. The impacted element is an unknown function of the file /goform/set_mac_clone. Such manipulation of the argument mac leads to os command injection. The attack may be performed from remote. The exploit is publicly available and might be used.

Basic Information

ID CVE-2026-2082

Source VulDB

Published Feb 7, 2026 at 10:02

Affected Product

Vendor D-Link

Product DIR-823X

Version 250416

Affected Versions D-Link DIR-823X 250416

CWE Classification

CWE-78 CWE-77

References

{
    "lastseen": "",
    "description": "A vulnerability was identified in D-Link DIR-823X 250416. The impacted element is an unknown function of the file /goform/set_mac_clone. Such manipulation of the argument mac leads to os command injection. The attack may be performed from remote. The exploit is publicly available and might be used.",
    "published": "2026-02-07T10:02:07.908Z",
    "modified": "2026-02-07T10:02:07.908Z",
    "type": "cve",
    "title": "D-Link DIR-823X set_mac_clone os command injection",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.344649\nhttps://vuldb.com/?ctiid.344649\nhttps://vuldb.com/?submit.745854\nhttps://github.com/master-abc/cve/issues/21\nhttps://github.com/master-abc/cve/issues/21#issue-3847172823\nhttps://www.dlink.com/",
    "id": "CVE-2026-2082",
    "bulletinFamily": "",
    "cwe": [
        "CWE-78",
        "CWE-77"
    ],
    "cvelist": null,
    "sourceData": "D-Link DIR-823X 250416",
    "sourceHref": "",
    "cvss": {
        "score": 5.1,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "DIR-823X",
    "version": "250416",
    "vendor": "D-Link",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}