Critical D-Link Router Vulnerability Actively Exploited for Remote Code Execution
CVE-2026-0625 enables unauthenticated remote code execution on legacy D-Link DSL, DIR, and DNS devices via command injection. Attacks observed since November 2025; no patch available for end-of-life devices.