EIP-2026-101654

PRE-CVE

D-Link Routers - Authentication Bypass (2)

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101654. PoCs published by SourceSec DevTeam.

AI-analyzed exploit summary The provided text describes vulnerabilities in multiple D-Link routers due to insecure HNAP implementations, allowing unauthenticated access and bypass of CAPTCHA login features. It references a detailed report and PoC code but does not contain actual exploit code.

Description

D-Link Routers - Authentication Bypass (2)

Exploits (1)

exploitdb WRITEUP
by SourceSec DevTeam · textwebappshardware
https://www.exploit-db.com/exploits/11101

The provided text describes vulnerabilities in multiple D-Link routers due to insecure HNAP implementations, allowing unauthenticated access and bypass of CAPTCHA login features. It references a detailed report and PoC code but does not contain actual exploit code.

Classification
Writeup 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: D-Link routers (DI-524 C1, DIR-628 B2, DIR-655 A1)
No auth needed
Prerequisites: Network access to the target router · HNAP enabled on the router
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026