Unrated severityNVD Advisory· Published Jan 21, 2026· Updated Mar 5, 2026

D-Link D-View 8 Installer DLL Preloading via Uncontrolled Search Path

CVE-2026-23755

Description

D-Link D-View 8 versions 2.0.1.107 and below contain an uncontrolled search path vulnerability in the installer. When executed with elevated privileges via UAC, the installer attempts to load version.dll from its execution directory, allowing DLL preloading. An attacker can supply a malicious version.dll alongside the legitimate installer so that, when a victim runs the installer and approves the UAC prompt, attacker-controlled code executes with administrator privileges. This can lead to full system compromise.

Affected products

Dlink/D-Viewllm-fuzzy
Range: <=2.0.1.107
D-Link/D-View 8v5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

supportannouncement.us.dlink.com/security/publication.aspxmitrevendor-advisorypatch
www.vulncheck.com/advisories/dlink-dview-8-installer-dll-preloading-via-uncontrolled-search-pathmitrethird-party-advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000