CVE-2026-2055 – A vulnerability in D-Link DIR-605L and DIR-619L... (How to Fix)

Q: What is the severity of CVE-2026-2055?

CVE-2026-2055 has a CVSS score of 5.3 (MEDIUM). A vulnerability in D-Link DIR-605L and DIR-619L routers allows remote attackers to disclose sensitive information via the DHCP Client Information Handler component. This affects devices running firmware versions 2.06B01 and 2.13B01. These products are no longer supported by the vendor.

📋 TL;DR

A vulnerability in D-Link DIR-605L and DIR-619L routers allows remote attackers to disclose sensitive information via the DHCP Client Information Handler component. This affects devices running firmware versions 2.06B01 and 2.13B01. These products are no longer supported by the vendor.

💻 Affected Systems

Products:

D-Link DIR-605L
D-Link DIR-619L

Versions: 2.06B01, 2.13B01

Operating Systems: Embedded router firmware

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects end-of-life products no longer receiving vendor support.

📦 What is this software?

Dir 605l Firmware by Dlink

View all CVEs affecting Dir 605l Firmware →

Dir 619l Firmware by Dlink

View all CVEs affecting Dir 619l Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote attackers could extract sensitive network configuration information, credentials, or device details that could facilitate further attacks.

🟠

Likely Case

Information disclosure revealing network topology, device identifiers, or configuration details that could aid reconnaissance for subsequent attacks.

🟢

If Mitigated

Limited impact with proper network segmentation and firewall rules preventing external DHCP traffic to affected devices.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Proof-of-concept exploit code is publicly available on GitHub.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: None

Vendor Advisory: None available

Restart Required: No

Instructions:

No official patch available as products are end-of-life. Replace affected hardware with supported models.

🔧 Temporary Workarounds

Network Segmentation

all

Isolate affected routers from untrusted networks using VLANs or physical separation.

Firewall Rules

all

Block external DHCP requests to affected devices at network perimeter.

🧯 If You Can't Patch

Replace affected routers with supported models
Implement strict network segmentation to isolate vulnerable devices

🔍 How to Verify

Check if Vulnerable:

Check router firmware version via web interface at http://[router-ip]/ or via serial console.

Check Version:

Check router web interface or use nmap -sV [router-ip] to identify device model and firmware.

Verify Fix Applied:

Verify replacement with supported hardware or successful network segmentation.

📡 Detection & Monitoring

Log Indicators:

Unusual DHCP traffic patterns
Multiple failed or malformed DHCP requests

Network Indicators:

Suspicious external DHCP traffic to router IPs
Unusual information disclosure in DHCP responses

SIEM Query:

source_ip=external AND dest_port=67 AND protocol=udp AND dest_ip=[router-ip]

📊 Metadata

CVE ID: CVE-2026-2055

CVSS v3 Score: 5.3 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE: CWE-200

EPSS Score: 0.06% exploit probability (18.2th percentile)

Published: February 6, 2026

Last Updated: February 17, 2026

🔗 References

https://github.com/wudipjq/my_vuln/blob/main/D-Link7/vuln_82/82.md Exploit,Third Party Advisory
https://github.com/wudipjq/my_vuln/blob/main/D-Link7/vuln_82/82.md#poc--result Exploit,Third Party Advisory
https://vuldb.com/?ctiid.344615 Permissions Required,VDB Entry
https://vuldb.com/?id.344615 Third Party Advisory,VDB Entry
https://vuldb.com/?submit.744225 Third Party Advisory,VDB Entry
https://www.dlink.com/ Product

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2026-2055, you might also want to check these: