Yun Zhang (DavCloudz)

2 exploits Active since Jan 2026
CVE-2026-0732 WRITEUP MEDIUM WRITEUP
D-Link DI-8200G 17.12.20A1 - OS Command Injection via /upgrade_filter.asp path Parameter
A vulnerability was found in D-Link DI-8200G 17.12.20A1. This affects an unknown function of the file /upgrade_filter.asp. The manipulation of the argument path results in command injection. The attack may be performed from remote. The exploit has been made public and could be used.
CVSS 6.3
CVE-2026-1125 WRITEUP HIGH WORKING POC
D-Link DIR-823X 250416 - OS Command Injection via wd_enable Parameter
A weakness has been identified in D-Link DIR-823X 250416. Affected by this issue is the function sub_412E7C of the file /goform/set_wifidog_settings. Executing a manipulation of the argument wd_enable can lead to command injection. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks.
CVSS 7.3