Description
D-Link D-View 8 versions 2.0.1.107 and below contain an uncontrolled search path vulnerability in the installer. When executed with elevated privileges via UAC, the installer attempts to load version.dll from its execution directory, allowing DLL preloading. An attacker can supply a malicious version.dll alongside the legitimate installer so that, when a victim runs the installer and approves the UAC prompt, attacker-controlled code executes with administrator privileges. This can lead to full system compromise.
Published: 2026-01-21
Score: 8.4 High
EPSS: < 1% Very Low
KEV: No
Impact: Privilege Escalation leading to Arbitrary Code Execution with administrative rights
Action: Immediate Patch
AI Analysis

Impact

The D-Link D-View 8 installer loads "version.dll" from its own execution directory. Because this search path is uncontrolled, an attacker who places a malicious "version.dll" in the same folder as the installer gets that DLL loaded when a user runs the installer and accepts the UAC prompt, and the attacker's code then executes with the privileges granted by the UAC elevation. This results in full system compromise, including data theft, persistence, or further lateral movement.

Affected Systems

All D-Link D-View 8 installations running version 2.0.1.107 or older are affected. D-Link recommends upgrading to version 2.0.5.109 Beta or later to eliminate the flaw.

Risk and Exploitability

The CVSS score of 8.4 indicates a high-severity finding. The EPSS score of less than 1% suggests that the likelihood of exploitation in the wild is currently low, and the vulnerability is not listed in the CISA KEV catalog. However, because it achieves elevation of privilege through ordinary user interaction, any user who runs the installer from a folder that contains a planted version.dll can have their system taken over. The likely attack vector is local, relying on the installer's execution by a victim who accepts a UAC prompt; this is inferred from the need to supply a malicious version.dll next to the installer. While exploitation requires the attacker to get the malicious version.dll placed alongside the installer and the user to run it, the impact of successful exploitation is critical.

Generated by OpenCVE AI on April 18, 2026 at 04:12 UTC.

Remediation

Vendor Solution

Upgrade to D-Link D-View 8 version 2.0.5.109 Beta or later.


OpenCVE Recommended Actions

  • Apply the vendor‑provided update to D‑Link D‑View 8 version 2.0.5.109 Beta or later
  • If an update is not immediately available, prevent execution of untrusted installers by disabling automatic installation of D‑Link software or removing the executable from remote or shared locations
  • Ensure that the system’s UAC settings are configured to require administrator approval for all elevation prompts, and audit for any unexpected ‘version.dll’ files in installer directories

Generated by OpenCVE AI on April 18, 2026 at 04:12 UTC.
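
The audit suggested in the last recommended action can be scripted. The following is an added example, not code from OpenCVE or D-Link: it walks the given folders and reports every directory that holds both an executable and a file named version.dll, with the DLL's SHA-256 for triage. The function name and the default scan roots (the user's Downloads and Desktop folders) are assumptions.

```python
"""Audit directories for a version.dll sitting beside executables (CWE-427 check)."""
import hashlib
import os
import sys

TARGET_DLL = "version.dll"  # DLL name taken from the advisory text


def _system_dirs():
    """Directories where a genuine version.dll is expected on Windows."""
    root = os.environ.get("SystemRoot", r"C:\Windows")
    return {os.path.normcase(os.path.join(root, d)) for d in ("System32", "SysWOW64")}


def find_sideload_candidates(roots, skip_dirs=None):
    """Return one finding per directory holding both an .exe and version.dll."""
    skip = _system_dirs() if skip_dirs is None else {os.path.normcase(d) for d in skip_dirs}
    findings = []
    for root in roots:
        for dirpath, _dirs, files in os.walk(root):
            if os.path.normcase(dirpath) in skip:
                continue
            lowered = {f.lower(): f for f in files}  # Windows names are case-insensitive
            exes = sorted(f for f in files if f.lower().endswith(".exe"))
            if TARGET_DLL not in lowered or not exes:
                continue
            dll_path = os.path.join(dirpath, lowered[TARGET_DLL])
            with open(dll_path, "rb") as fh:
                data = fh.read()
            findings.append({
                "dll": dll_path,
                "sha256": hashlib.sha256(data).hexdigest(),
                "size": len(data),
                "is_pe": data[:2] == b"MZ",  # PE files start with the MZ magic
                "executables": exes,
            })
    return findings


if __name__ == "__main__":
    # Assumed default scan locations; pass other roots on the command line.
    default_roots = [os.path.join(os.path.expanduser("~"), d) for d in ("Downloads", "Desktop")]
    for hit in find_sideload_candidates(sys.argv[1:] or default_roots):
        print(f"{hit['dll']}  sha256={hit['sha256']}  size={hit['size']}  "
              f"pe={hit['is_pe']}  next to: {', '.join(hit['executables'])}")
```

A hit is a lead for review rather than proof of tampering, since some software legitimately ships DLLs beside its executables.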

Advisories

No advisories yet.

History

Fri, 30 Jan 2026 21:45:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| CPEs | | cpe:2.3:a:dlink:d-view_8:*:*:*:*:*:*:*:* |
| Metrics | | cvssV3_1: {'score': 7.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H'} |


Fri, 23 Jan 2026 16:45:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| First Time appeared | | Dlink; Dlink d-view 8 |
| Vendors & Products | | Dlink; Dlink d-view 8 |

Thu, 22 Jan 2026 23:00:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| Metrics | | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'} |


Wed, 21 Jan 2026 18:15:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| Description | | D-Link D-View 8 versions 2.0.1.107 and below contain an uncontrolled search path vulnerability in the installer. When executed with elevated privileges via UAC, the installer attempts to load version.dll from its execution directory, allowing DLL preloading. An attacker can supply a malicious version.dll alongside the legitimate installer so that, when a victim runs the installer and approves the UAC prompt, attacker-controlled code executes with administrator privileges. This can lead to full system compromise. |
| Title | | D-Link D-View 8 Installer DLL Preloading via Uncontrolled Search Path |
| Weaknesses | | CWE-427 |
| References | | |
| Metrics | | cvssV4_0: {'score': 8.4, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'} |


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-03-05T01:30:22.608Z

Reserved: 2026-01-15T18:42:20.938Z

Link: CVE-2026-23755

Vulnrichment

Updated: 2026-01-22T15:11:08.877Z

NVD

Status: Analyzed

Published: 2026-01-21T18:16:26.117

Modified: 2026-01-30T21:33:18.047

Link: CVE-2026-23755

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T04:15:05Z

Weaknesses