January 12, 2026

Legacy D-Link DSL Routers Exploited via Unauthenticated DNS Hijacking (CVE-2026-0625)

January 12, 2026

LA critical command-injection flaw in legacy (end-of-life) D-Link DSL gateway routers is being actively exploited to achieve unauthenticated remote code execution (RCE) and silent DNS setting changes (DNS hijacking). What happened (and why it matters) The bug is tracked as CVE-2026-0625 (CVSS 9.3) and sits in the router CGI endpoint dnscfg.cgi, where DNS configuration parameters aren’t properly…

January 12, 2026

Legacy D-Link DSL Routers Exploited via Unauthenticated DNS Hijacking (CVE-2026-0625)

Featured Posts

What is Azure Data Factory (ADF)?

How to demote a Domain Controller: A step-by-step guide

Healthcare data Breaches down almost 50 percent in the first month of 2021

Popular with Readers

Active Directory Users and Computers (ADUC) - An introduction and installation guide

Active Directory Sites

Active Directory Password Policy

Recently Added

Handling Rehires: The ‘Duplicate Identity’ Nightmare in HR-Driven Provisioning

Rescinded Hire Architecture

Integrating Entra with third-party apps

ManageEngine among notable vendors in Forrester’s report

5 ways to mitigate the rising threat of identity sprawl

6-step guide to Enhance Hybrid IT Security

SysAdmin Toolkit

Group Policy Guide

January 12, 2026

Featured Posts

Popular with Readers

Recently Added