CVE-2026-23755

UNKNOWN 0.0

D-Link D-View 8 Installer DLL Preloading via Uncontrolled Search Path

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

D-Link D-View 8 versions 2.0.1.107 and below contain an uncontrolled search path vulnerability in the installer. When executed with elevated privileges via UAC, the installer attempts to load version.dll from its execution directory, allowing DLL preloading. An attacker can supply a malicious version.dll alongside the legitimate installer so that, when a victim runs the installer and approves the UAC prompt, attacker-controlled code executes with administrator privileges. This can lead to full system compromise.

CWE	CWE-427
Vendor	d-link
Product	d-view 8
Published	Jan 21, 2026
Last Updated	Mar 5, 2026

Stay Ahead of the Next One

Get instant alerts for d-link d-view 8

Be the first to know when new unknown vulnerabilities affecting d-link d-view 8 are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

D-Link / D-View 8

0 ≤ 2.0.1.107

References

NVD ↗ CVE.org ↗ EPSS Data ↗

supportannouncement.us.dlink.com: https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10471 vulncheck.com: https://www.vulncheck.com/advisories/dlink-dview-8-installer-dll-preloading-via-uncontrolled-search-path

Credits

Kazuma Matsumoto, a security researcher at GMO Cybersecurity by IERAE, Inc.