D-Link DWM-222W Wi-Fi Adapter Vulnerable to Brute-Force Bypass

/HIGH /CVSS 7.5/10
Written by SCW Vulnerability Desk Vulnerability Intelligence
SCW vulnerabilitycvehigh-severitycwe-307
D-Link DWM-222W Wi-Fi Adapter Vulnerable to Brute-Force Bypass

The National Vulnerability Database has detailed CVE-2026-6947, a high-severity brute-force protection bypass vulnerability affecting the D-Link DWM-222W USB Wi-Fi Adapter. This flaw (CVSS 7.5) allows unauthenticated attackers on an adjacent network to bypass login attempt limits. The core issue, categorized as CWE-307, enables sustained brute-force attacks.

This isn’t just a theoretical weakness. An attacker can leverage this bypass to systematically guess credentials until they gain full control over the device. While the National Vulnerability Database did not specify affected product versions, the implications are clear: any DWM-222W adapter in an accessible network segment is a potential target.

For defenders, this means a directly exposed attack surface. Gaining control of a Wi-Fi adapter can provide a beachhead into a network, enabling further reconnaissance or lateral movement. The absence of brute-force protection on a network-accessible device is a critical design flaw that attackers will absolutely exploit.

What This Means For You

  • If your organization uses D-Link DWM-222W USB Wi-Fi Adapters, you need to immediately assess your exposure. Prioritize restricting network access to these devices and, if possible, replace them with hardware that enforces robust authentication attempt limits. Attackers don't need zero-days when basic security controls are missing.
🛡️ Am I exposed to this? Get detection rules for CVE-2026-6947 — Splunk, Sentinel, Elastic, QRadar & more

Related ATT&CK Techniques

T1110.001 Password Guessing: Brute Force Credential Access T1078.004 Cloud Accounts: OAuth Applications Initial Access

🛡️ Detection Rules

2 rules · 6 SIEM formats

2 detection rules auto-generated for this incident, mapped to MITRE ATT&CK. Sigma YAML is free — export to any SIEM format via the Intel Bot.

high T1110.001 Credential Access

D-Link DWM-222W Brute-Force Bypass Attempt - Free Tier

Sigma YAML — free preview
✓ Sigma · Splunk SPL Sentinel KQL Elastic QRadar AQL Wazuh Get rules for your SIEM →

Indicators of Compromise

IDTypeIndicator
CVE-2026-6947 Auth Bypass D-Link DWM-222W USB Wi-Fi Adapter
CVE-2026-6947 Auth Bypass Brute-Force Protection Bypass

Written by SCW Vulnerability Desk

Source & Attribution
Source PlatformNVD
ChannelNational Vulnerability Database
PublishedApril 24, 2026 at 07:16 UTC

This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.

Believe this infringes your rights? Submit a takedown request.

Related Posts

CVE-2026-6810 — The Booking Calendar Contact Form plugin for WordPress is

CVE-2026-6810 — The Booking Calendar Contact Form plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.2.63...

vulnerabilityCVEmedium-severitycwe-639
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 6 Sigma

CVE-2026-5428 — Cross-Site Scripting (XSS)

CVE-2026-5428 — The Royal Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image captions in the Image Grid/Slider/Carousel widget in versions...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 2 Sigma

WordPress Plugin Flaw Exposes Sites to RCE

CVE-2026-5364 — The Drag and Drop File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file upload in versions up to,...

vulnerabilityCVEhigh-severityremote-code-executioncwe-434
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 3 Sigma