CVE Information for D-Link DSL-6641K N8.TR069.20131126 CVE ID: CVE-2026-1705 Product: D-Link DSL-6641K N8.TR069.20131126 Vulnerability Type: Cross Site Scripting (CWE-79) CVSS Meta Temp Score: 2.2 Current Exploit Price: $0-$5k CTI Interest Score: 2.28 Summary: A vulnerability was found in D-Link DSL-6641K N8.TR069.20131126. It has been declared as problematic. This affects the function ad_virtual_server_vdsl of the component Web Interface. Executing a manipulation of the argument Name can lead to cross-site scripting. This vulnerability is registered as CVE-2026-1705. It is possible to launch the attack remotely. Furthermore, an exploit is available. Details: The vulnerability affects the function ad_virtual_server_vdsl of the component Web Interface. The manipulation of the argument Name with an unknown input leads to a cross-site scripting vulnerability. The CWE definition for the vulnerability is CWE-79. The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. As an impact, it is known to affect integrity. The advisory is available at tzrh00203.notion.site. The vulnerability was named CVE-2026-1705. The exploitation appears to be easy. The attack can be initiated remotely. The exploitation requires an enhanced level of successful authentication. Successful exploitation requires user interaction by the victim.