D-Link DWM-222W Brute-Force Protection Bypass in USB WiFi Adapter: CVE-2026-6947 April 2026

D-Link｜DWM-222W USB Wi-Fi Adapter - Brute-Force Protection Bypass
DWM-222W USB Wi-Fi Adapter developed by D-Link has a Brute-Force Protection Bypass vulnerability, allowing unauthenticated adjacent network attackers to bypass login attempt limits to perform brute-force attacks to gain control over the device.

Vulnerability Analysis

CVE-2026-6947 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, a high impact on integrity, and no impact on availability.

Attack Vector:

NETWORK

Attack Complexity:

LOW

Privileges Required:

NONE

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

NONE

Integrity Impact:

HIGH

Availability Impact:

NONE

Weakness Type

Improper Restriction of Excessive Authentication Attempts

The software does not implement sufficient measures to prevent multiple failed authentication attempts within in a short time frame, making it more susceptible to brute force attacks.

D-Link DWM-222W Brute-Force Protection Bypass in USB WiFi Adapter
CVE-2026-6947 Published on April 24, 2026

Vulnerability Analysis

Weakness Type

Improper Restriction of Excessive Authentication Attempts

Affected Versions

D-Link DWM-222W Brute-Force Protection Bypass in USB WiFi AdapterCVE-2026-6947 Published on April 24, 2026

Vulnerability Analysis

Weakness Type

Improper Restriction of Excessive Authentication Attempts

Affected Versions

D-Link DWM-222W Brute-Force Protection Bypass in USB WiFi Adapter
CVE-2026-6947 Published on April 24, 2026