Description
A vulnerability was found in D-Link DIR-882 1.01B02. It affects the function sprintf in the file prog.cgi of the component HNAP1 SetNetworkSettings Handler. Manipulating the argument IPAddress results in OS command injection. The attack can be performed remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer.
Published: 2026-04-09
Score: 8.6 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote OS Command Injection
Action: Patch Immediately
AI Analysis

Impact

A remote attacker can manipulate the IPAddress parameter in the HNAP1 SetNetworkSettings Handler of a D-Link DIR‑882 router to inject operating system commands via a vulnerable sprintf call. This leads to arbitrary code execution on the device, allowing full control and potential compromise of the network.

Affected Systems

The vulnerability affects D-Link DIR‑882 routers running firmware version 1.01B02, which is no longer supported by the manufacturer.

Risk and Exploitability

With a CVSS score of 8.6, the issue is considered high severity. No EPSS score is available, and the vulnerability is not listed in the CISA KEV catalog. The exploit is publicly known and can be triggered without authentication from any remote host. Due to the lack of active support, users are at significant risk if the device remains exposed.

Generated by OpenCVE AI on April 9, 2026 at 06:21 UTC.

Remediation

No vendor fix or workaround is currently provided.

OpenCVE Recommended Actions

  • Update the router firmware to the latest supported release from D-Link.
  • If an update is unavailable, block or disable the HNAP interface or restrict access to the device to trusted local networks.
  • Monitor network traffic for attempts to exploit the HNAP SetNetworkSettings endpoint and apply firewall rules as needed.

Advisories

No advisories yet.

History

Thu, 09 Apr 2026 13:15:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 09 Apr 2026 08:30:00 +0000

Type | Values Removed | Values Added
First Time appeared | | D-link; D-link dir-882
Vendors & Products | | D-link; D-link dir-882

Thu, 09 Apr 2026 05:15:00 +0000

Type | Values Removed | Values Added
Description | | A vulnerability was found in D-Link DIR-882 1.01B02. Impacted is the function sprintf of the file prog.cgi of the component HNAP1 SetNetworkSettings Handler. The manipulation of the argument IPAddress results in os command injection. The attack may be performed from remote. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer.
Title | | D-Link DIR-882 HNAP1 SetNetworkSettings prog.cgi sprintf os command injection
Weaknesses | | CWE-77; CWE-78
References | |
Metrics | | cvssV2_0: {'score': 8.3, 'vector': 'AV:N/AC:L/Au:M/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'}
 | | cvssV3_0: {'score': 7.2, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}
 | | cvssV3_1: {'score': 7.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}
 | | cvssV4_0: {'score': 8.6, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}

MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-04-09T12:41:29.493Z

Reserved: 2026-04-08T18:25:11.487Z

Link: CVE-2026-5844

Vulnrichment

Updated: 2026-04-09T12:41:25.511Z

NVD

Status: Received

Published: 2026-04-09T05:16:06.653

Modified: 2026-04-09T05:16:06.653

Link: CVE-2026-5844

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-09T08:24:57Z

Weaknesses