{"document":{"category":"csaf_vex","csaf_version":"2.0","title":"CVE-2026-12174: D-Link DCS-935L HTTP rhea snprintf format string","publisher":{"category":"vendor","name":"HarborGuard Database","namespace":"https://database.harborguard.co"},"tracking":{"id":"CVE-2026-12174","status":"final","version":"1","initial_release_date":"2026-06-13T20:15:12.362Z","current_release_date":"2026-06-13T20:15:12.362Z","revision_history":[{"date":"2026-06-13T20:15:12.362Z","number":"1","summary":"Initial machine-readable export from HarborGuard."}]},"distribution":{"tlp":{"label":"WHITE"},"text":"Public CVE data; freely redistributable."},"notes":[{"category":"description","text":"A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.","title":"CVE description"}],"references":[{"category":"self","summary":"CVE-2026-12174 on HarborGuard Database","url":"https://database.harborguard.co/cve/CVE-2026-12174"},{"category":"external","summary":"CVE Record","url":"https://www.cve.org/CVERecord?id=CVE-2026-12174"},{"category":"external","summary":"VDB-370815 | D-Link DCS-935L HTTP rhea snprintf format string","url":"https://vuldb.com/vuln/370815"},{"category":"external","summary":"VDB-370815 | CTI Indicators (IOB, IOC, IOA)","url":"https://vuldb.com/vuln/370815/cti"},{"category":"external","summary":"CVE-2026-12174 | CVE Analysis and Report","url":"https://vuldb.com/cve/CVE-2026-12174"},{"category":"external","summary":"Submit #837209 | D-Link DCS-935L HD Wi-Fi Camera 1.10.01 CWE-134: Use of Externally-Controlled Format String","url":"https://vuldb.com/submit/837209"},{"category":"external","summary":"github.com","url":"https://github.com/Real-Simplicity/cve-database/tree/main/CVE_Report_DLink_DCS935L_Format_String"},{"category":"external","summary":"dlink.com","url":"https://www.dlink.com/"}]},"product_tree":{"branches":[{"category":"vendor","name":"D-Link","branches":[{"category":"product_name","name":"DCS-935L","branches":[{"category":"product_version","name":"1.10.01","product":{"name":"D-Link DCS-935L 1.10.01","product_id":"CSAFPID-1","product_identification_helper":{"cpe":"cpe:2.3:a:d-link:dcs-935l:1.10.01:*:*:*:*:*:*:*"}}}]}]}]},"vulnerabilities":[{"cve":"CVE-2026-12174","title":"D-Link DCS-935L HTTP rhea snprintf format string","notes":[{"category":"description","text":"A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.","title":"CVE description"}],"product_status":{"known_affected":["CSAFPID-1"]},"scores":[{"cvss_v4":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P","baseScore":8.7,"baseSeverity":"HIGH"},"products":["CSAFPID-1"]}],"remediations":[{"category":"none_available","details":"No fixed version is published yet. Monitor the upstream advisory.","product_ids":["CSAFPID-1"]}]}]}