CVE-2026-2193 PUBLISHED

A vulnerability was detected in D-Link DI-7100G C1 24.04.18D1. Affected by this issue is the function set_jhttpd_info. Performing a manipulation of the argument usb_username results in command injection. Remote exploitation of the attack is possible.

• jfkk (VulDB User) reporter

• VDB-344896 | D-Link DI-7100G C1 set_jhttpd_info command injection
• VDB-344896 | CTI Indicators (IOB, IOC, TTP, IOA)
• Submit #749803 | D-Link DI-7100G C1, 24.04.18D1 Command Injection
• https://github.com/glkfc/IoT-Vulnerability/blob/main/D-Link/Dlink_4.md
• https://www.dlink.com/

• Command Injection CWE
• Injection CWE