Description
A vulnerability was found in D-Link DIR-882 1.01B02. Impacted is the function sprintf of the file prog.cgi of the component HNAP1 SetNetworkSettings Handler. The manipulation of the argument IPAddress results in os command injection. The attack may be performed from remote. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer.
Published: 2026-04-09
Score: 8.6 High
EPSS: 5.1% Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A remote attacker can supply a crafted IPAddress value to the HNAP1 SetNetworkSettings handler on a D‑Link DIR‑882 router. The value is passed to a vulnerable sprintf call in prog.cgi, which results in OS command injection. The attacker can cause the router to execute arbitrary shell commands, potentially affecting the device’s integrity and availability.

Affected Systems

This flaw affects the D‑Link DIR‑882 router running firmware version 1.01B02. The firmware is no longer supported by the manufacturer, and no other revisions or devices are listed as impacted.

Risk and Exploitability

The CVSS score of 8.6 categorizes the vulnerability as high severity, and an EPSS score of 5% indicates a moderate probability that it will be exploited in the wild. Although the vulnerability is not listed in the CISA KEV catalog, the public exploit code combined with the lack of official vendor support increases the risk. Because the attack can be performed remotely without requiring authentication, exposed devices remain at significant risk.

Generated by OpenCVE AI on June 18, 2026 at 13:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • If firmware updates are available for other supported models, replace the DIR‑882 or upgrade to a firmware version that is still maintained.
  • If no update exists, disable the HNAP interface entirely or restrict its access to trusted local users only.
  • Configure the router’s firewall or upstream network device to block external traffic to the HNAP SetNetworkSettings endpoint and monitor for suspicious requests.

Generated by OpenCVE AI on June 18, 2026 at 13:22 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 30 Apr 2026 16:45:00 +0000

Type Values Removed Values Added
First Time appeared Dlink
Dlink dir-882
Dlink dir-882 Firmware
CPEs cpe:2.3:h:dlink:dir-882:a1:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-882_firmware:1.01b02:*:*:*:*:*:*:*
Vendors & Products Dlink
Dlink dir-882
Dlink dir-882 Firmware

Thu, 09 Apr 2026 13:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 09 Apr 2026 08:30:00 +0000

Type Values Removed Values Added
First Time appeared D-link
D-link dir-882
Vendors & Products D-link
D-link dir-882

Thu, 09 Apr 2026 05:15:00 +0000

Type Values Removed Values Added
Description A vulnerability was found in D-Link DIR-882 1.01B02. Impacted is the function sprintf of the file prog.cgi of the component HNAP1 SetNetworkSettings Handler. The manipulation of the argument IPAddress results in os command injection. The attack may be performed from remote. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer.
Title D-Link DIR-882 HNAP1 SetNetworkSettings prog.cgi sprintf os command injection
Weaknesses CWE-77
CWE-78
References
Metrics cvssV2_0

{'score': 8.3, 'vector': 'AV:N/AC:L/Au:M/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 7.2, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 7.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 8.6, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}


Subscriptions

D-link Dir-882
Dlink Dir-882 Dir-882 Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-04-09T12:41:29.493Z

Reserved: 2026-04-08T18:25:11.487Z

Link: CVE-2026-5844

cve-icon Vulnrichment

Updated: 2026-04-09T12:41:25.511Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-09T05:16:06.653

Modified: 2026-06-17T10:59:44.717

Link: CVE-2026-5844

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-18T13:30:05Z

Weaknesses
  • CWE-77

    Improper Neutralization of Special Elements used in a Command ('Command Injection')

  • CWE-78

    Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')