CVE•Published 2026-01-30•Modified 2026-04-29•0 articles on news•6 live references•NVD data

CVE-2026-1685Dlink · Dir-823x_firmware

Vulnerability data via NVD (ingested)

CVSS v3.1

3.7

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

EPSS percentile

Exploit Prediction Scoring System · top 76% of all CVEs

Weaknesses (CWE)

CWE-307Improper Restriction of Excessive Authentication Attempts CWE-799Improper Control of Interaction Frequency

Description

A vulnerability was identified in D-Link DIR-823X 250416. This vulnerability affects the function sub_40AC74 of the component Login. Such manipulation leads to improper restriction of excessive authentication attempts. The attack may be performed from remote. This attack is characterized by high complexity. It is stated that the exploitability is difficult. The exploit is publicly available and might be used.

Timeline

Published 2026-01-30

Modified 2026-04-29

External references

NVD MITRE Exploit-DB GitHub PoC Sploitus VulnCheck

Search for exposed instances

Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).

Shodan · vuln tag0 hosts

vuln:CVE-2026-1685

Hosts Shodan has explicitly fingerprinted as vulnerable.

Shodan · OS

os:"Dir-823x Firmware"

Hosts Shodan identified as running Dir-823x Firmware.

More intel sources (5)

Shodan report

vuln:CVE-2026-1685

Country / ASN / product breakdown for the vuln query.

Censys

vulnerabilities.cve_id: CVE-2026-1685