CVE-2026-11555
⚪ Do wiadomości
Wykorzystanie luki w interfejsie webowym D-Link DGS-1100-08PD prowadzi do naruszenia uprawnień.
CVSS
3.7
EPSS
0.1%
Exploit
none
Vendor
dlink
Opis źródłowy (NVD)
A vulnerability was identified in D-Link DGS-1100-08PD 1.00.006. This issue affects some unknown processing of the file /etc/boa.conf of the component Web Interface. Such manipulation leads to least privilege violation. The attack may be launched remotely. The attack requires a high level of complexity. The exploitability is assessed as difficult. The exploit is publicly available and might be used.
brak
Brak patcha
Źródła i daty
| Źródło | Wartość |
|---|---|
| NVD – CVSS | 3.7 |
| CISA KEV (aktywnie wykorzystywane) | Nie |
| FIRST EPSS (prawdopodobieństwo exploita) | 0.1% |
| Opublikowano (NVD) | 2026-06-08 18:16:32 UTC |
| Ostatnia modyfikacja (NVD) | 2026-06-09 16:16:56 UTC |
Referencje
- https://vuldb.com/cve/CVE-2026-11555 (cna@vuldb.com) [Third Party Advisory, VDB Entry]
- https://vuldb.com/submit/834824 (cna@vuldb.com) [Third Party Advisory, VDB Entry]
- https://vuldb.com/vuln/369165 (cna@vuldb.com) [Third Party Advisory, VDB Entry]
- https://vuldb.com/vuln/369165/cti (cna@vuldb.com) [Permissions Required, VDB Entry]
- https://www.dlink.com/ (cna@vuldb.com) [Product]
- https://www.notion.so/D-link-DGS-1100-08PD-v1-00-006-3670ed14e5cb80848bc4e3129dfafa29?source=copy_link (cna@vuldb.com) [Vendor Advisory]