CVE-2026-7554
Received Received - Intake
Weak Password Recovery in D-Link M60 Firmware

Publication date: 2026-05-01

Last updated on: 2026-05-06

Assigner: VulDB

Description
A vulnerability was determined in D-Link M60 up to 1.20B02. Affected by this issue is some unknown functionality of the file /usr/bin/httpd. This manipulation causes weak password recovery. The attack can be initiated remotely. A high degree of complexity is needed for the attack. The exploitation is known to be difficult. The exploit has been publicly disclosed and may be utilized.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-01
Last Modified
2026-05-06
Generated
2026-06-16
AI Q&A
2026-05-01
EPSS Evaluated
2026-06-15
NVD
CVE-2026-7554
EUVD
EUVD-2026-26480
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
dlink m60_firmware 1.20b02
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-640 The product contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability affects the D-Link M60 device up to version 1.20B02. It involves an unknown functionality within the file /usr/bin/httpd that leads to weak password recovery mechanisms. The vulnerability can be exploited remotely, but requires a high degree of complexity to carry out the attack. Although exploitation is difficult, the exploit has been publicly disclosed and could potentially be used by attackers.

Impact Analysis

The vulnerability can allow an attacker to remotely manipulate the password recovery process, potentially leading to unauthorized access due to weak password recovery. This could compromise the security of the affected device, allowing attackers to gain access or control, which may lead to further exploitation or data breaches.

Compliance Impact

The provided information does not specify how this vulnerability impacts compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-7554. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart