CVE-2026-0625 - Geek Feed

Hardware
Security
Tech News

New D-Link flaw in legacy DSL routers actively exploited in attacks

January 7, 2026January 7, 2026 geekfeed0Tagged Actively Exploited, Command Injection, CVE-2026-0625, D-Link, hardware, rce, router, vulnerability

Threat actors are exploiting a recently discovered command injection vulnerability that affects multiple D-Link DSL gateway routers that went out of support years ago. The vulnerability is now tracked as CVE-2026-0625 and affects the dnscfg.cgi endpoint due to improper input sanitization in a CGI library. An unauthenticated attacker could leverage this to execute remote commands via DNS configuration parameters. Vulnerability intelligence company […]

2 mins read