{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/legacy-device/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["command-injection","router","legacy-device"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eCVE-2026-4627 is an OS command injection vulnerability affecting D-Link DIR-825 and DIR-825R routers, specifically versions 1.0.5 and 4.5.1. The vulnerability resides within the \u003ccode\u003ehandler_update_system_time\u003c/code\u003e function of the \u003ccode\u003elibdeuteron_modules.so\u003c/code\u003e file, which is part of the NTP service. An attacker with administrative privileges can inject arbitrary OS commands by manipulating the input to this function. The vulnerability can be exploited remotely, allowing a threat actor to potentially gain…\u003c/p\u003e\n","date_modified":"2026-03-24T05:16:24Z","date_published":"2026-03-24T05:16:24Z","id":"/briefs/2026-03-dlink-command-injection/","summary":"CVE-2026-4627 is an OS command injection vulnerability in the handler_update_system_time function of the libdeuteron_modules.so file in the NTP Service component of D-Link DIR-825 and DIR-825R devices, which can be exploited remotely by authenticated attackers.","title":"D-Link DIR-825/825R OS Command Injection Vulnerability (CVE-2026-4627)","url":"https://feed.craftedsignal.io/briefs/2026-03-dlink-command-injection/"}],"language":"en","title":"CraftedSignal Threat Feed — Legacy-Device","version":"https://jsonfeed.org/version/1.1"}