CVE-2026-1419
BaseFortify
Publication date: 2026-01-26
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dlink | dcs-700l_firmware | 1.03.09 |
| dlink | dcs-700l | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-77 | The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component. |
| CWE-74 | The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-1419 is a command injection vulnerability in the D-Link DCS700l device (firmware version 1.03.09), specifically in the Web Form Handler component at the /setDayNightMode endpoint. The vulnerability arises because the LightSensorControl parameter is not properly validated or sanitized before being used in a system shell command, allowing an attacker to inject arbitrary commands remotely. Exploiting this flaw can lead to unauthorized command execution on the device. [1, 2]
How can this vulnerability impact me? :
This vulnerability can impact you by allowing remote attackers to execute arbitrary commands on the affected device, compromising its integrity and availability. It can lead to unauthorized access, disclosure of sensitive information, and potentially enable further attacks on your network or systems. Since the exploit is publicly available and relatively easy to use, the risk of exploitation is significant. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection can focus on monitoring requests to the /setDayNightMode endpoint of the D-Link DCS700l device, specifically looking for unusual or malformed inputs in the LightSensorControl parameter that could indicate command injection attempts. Since the vulnerability involves injection into a shell command, commands such as inspecting web server logs for suspicious parameters or using network monitoring tools to detect unusual HTTP requests to /setDayNightMode can help. For example, using grep on logs: `grep '/setDayNightMode' /var/log/httpd/access_log` or similar. Additionally, monitoring for unexpected command executions or anomalies on the device may help. However, no specific detection commands or signatures are provided in the resources. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include replacing the affected D-Link DCS700l device or discontinuing its use, as no known patches or countermeasures are available. Restricting remote access to the device's web interface and limiting authentication to trusted users with high privileges may reduce risk but do not fully mitigate the vulnerability. Monitoring for exploitation attempts is also advised. Ultimately, device replacement is suggested to avoid exploitation. [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability allows remote command injection that can compromise the confidentiality, integrity, and availability of the affected system. Such compromises could lead to unauthorized access or disclosure of sensitive data, which may result in non-compliance with data protection regulations like GDPR and HIPAA. However, no specific details on compliance impact or regulatory violations are provided. [1, 2]