CVE-2026-11555

A vulnerability was identified in D-Link DGS-1100-08PD 1.00.006. This issue affects some unknown processing of the file /etc/boa.conf of the component Web Interface. Such manipulation leads to least privilege violation. The attack may be launched remotely. The attack requires a high level of complexity. The exploitability is assessed as difficult. The exploit is publicly available and might be used.

CVSS v3 3.7 LOW
CVSS v2.0 2.6 LOW

3.7^/10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

2.6^/10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:N/AC:H/Au:N/C:N/I:P/A:N

Exploitability : 4.9 / Impact : 2.9

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://vuldb.com/cve/CVE-2026-11555	Third Party Advisory VDB Entry
https://vuldb.com/submit/834824	Third Party Advisory VDB Entry
https://vuldb.com/vuln/369165	Third Party Advisory VDB Entry
https://vuldb.com/vuln/369165/cti	Permissions Required VDB Entry
https://www.dlink.com/	Product
https://www.notion.so/D-link-DGS-1100-08PD-v1-00-006-3670ed14e5cb80848bc4e3129dfafa29?source=copy_link	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:dlink:dgs-1100-08pd_firmware:1.00.006:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dgs-1100-08pd:-:*:*:*:*:*:*:*

History

09 Jun 2026, 16:16

Type	Values Removed	Values Added
First Time		Dlink dgs-1100-08pd Firmware Dlink Dlink dgs-1100-08pd
CPE		cpe:2.3:o:dlink:dgs-1100-08pd_firmware:1.00.006:::::::* cpe:2.3:h:dlink:dgs-1100-08pd:-:::::::*
References	~~() https://vuldb.com/cve/CVE-2026-11555 -~~	() https://vuldb.com/cve/CVE-2026-11555 - Third Party Advisory, VDB Entry
References	~~() https://vuldb.com/submit/834824 -~~	() https://vuldb.com/submit/834824 - Third Party Advisory, VDB Entry
References	~~() https://vuldb.com/vuln/369165 -~~	() https://vuldb.com/vuln/369165 - Third Party Advisory, VDB Entry
References	~~() https://vuldb.com/vuln/369165/cti -~~	() https://vuldb.com/vuln/369165/cti - Permissions Required, VDB Entry
References	~~() https://www.dlink.com/ -~~	() https://www.dlink.com/ - Product
References	~~() https://www.notion.so/D-link-DGS-1100-08PD-v1-00-006-3670ed14e5cb80848bc4e3129dfafa29?source=copy_link -~~	() https://www.notion.so/D-link-DGS-1100-08PD-v1-00-006-3670ed14e5cb80848bc4e3129dfafa29?source=copy_link - Vendor Advisory

08 Jun 2026, 18:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-06-08 18:16

Updated : 2026-06-09 16:16

NVD link : CVE-2026-11555

Mitre link : CVE-2026-11555

CVE.ORG link : CVE-2026-11555

JSON object : View

Products Affected

dlink

dgs-1100-08pd
dgs-1100-08pd_firmware

CWE

CWE-266

Incorrect Privilege Assignment

CWE-272

Least Privilege Violation

3.7 /10

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

2.6 /10

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

JSON object

Attach tags to CVE-2026-11555

3.7^/10

2.6^/10

Attach tags to `CVE-2026-11555`