EIP-2026-101237

PRE-CVE

D-Link DIR-866L - Multiple Buffer Overflow Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101237. PoCs published by Samuel Huntley.

AI-analyzed exploit summary The exploit demonstrates two buffer overflow vulnerabilities in DIR-866L routers: one in the HNAP functionality (no authentication required) and another in the send email functionality (requires LAN access or XSRF). Both PoCs use ROP chains to achieve arbitrary code execution.

Description

D-Link DIR-866L - Multiple Buffer Overflow Vulnerabilities

Exploits (1)

exploitdb WORKING POC

by Samuel Huntley · textremotehardware

https://www.exploit-db.com/exploits/38717

View Code ZIP pw:eip

The exploit demonstrates two buffer overflow vulnerabilities in DIR-866L routers: one in the HNAP functionality (no authentication required) and another in the send email functionality (requires LAN access or XSRF). Both PoCs use ROP chains to achieve arbitrary code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: D-Link DIR-866L AC1750 Wi-Fi Router (firmware version unspecified)

No auth needed

Prerequisites: Network access to the router's management interface (LAN or exposed to internet) · For send email exploit: LAN access or XSRF to trick an admin

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026