A vulnerability described as critical has been identified in D-Link DCS-935L up to 1.10.01 . The impacted element is the function SetDeviceSettings of the file /web/cgi-bin/hnap/hnap_service of the component HNAP Service . The manipulation of the argument AdminPassword results in buffer overflow. This vulnerability is identified as CVE-2026-8260 . The attack can be executed remotely. Additionally, an exploit exists.