CRITICAL🇵🇱 Wersja polska

CVE-2025-29040

CVSS 9.8v3.1pub. 2025-04-17upd. 2025-05-01

An issue in dlink DIR 823x 240802 allows a remote attacker to execute arbitrary code via the target_addr key value and the function 0x41737c

🤖 AI Analysis
How it works

The vulnerability lies in the handling of the 'target_addr' parameter in the function located at address 0x41737c, likely related to the diagnostic ping function (diag_ping). Data passed by the attacker in the 'target_addr' key is not properly validated or sanitized before being passed to a system call. This enables injection of arbitrary system commands (command injection), which are executed with the privileges of the process handling the request.

Impact

A remote attacker, without any authentication, can execute arbitrary code on the device, which in practice means complete takeover of the router, including the ability to modify configuration, intercept network traffic, or use the device as a launch point for further attacks on the local network.

Mitigation & patch

Apply patches available from the manufacturer according to the references — check the D-Link security bulletin at https://www.dlink.com/en/security-bulletin/. Until the patch is released and deployed, it is recommended to restrict access to the device's administrative interface to trusted hosts only and disable access from the WAN side.

Who is affected

D-Link DIR-823X with firmware version 240802

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Dlink Dir 823x

    HW
    Dlink
    wszystkie wersje
  • Dlink Dir 823x Firmware

    OS
    Dlink
    240802
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCECommand Injection
CWE
References

Related vulnerabilities

CVE-2025-29042CRITICAL9.8PL ✓ten sam produkt

D-Link DIR-823X: Command Injection przez parametr macaddr (RCE)

CVE-2025-29041CRITICAL9.8PL ✓ten sam produkt

Command injection w D-Link DIR-823X umożliwiający zdalne wykonanie kodu

CVE-2025-29043CRITICAL9.8PL ✓ten sam produkt

D-Link DIR-823X – command injection umożliwiający zdalne wykonanie kodu

CVE-2024-39962CRITICAL9.8PL ✓ten sam produkt

RCE w routerze D-Link DIR-823X poprzez parametr ntp_zone_val

CVE-2025-29635HIGH7.2⚠ KEVten sam produkt

A command injection vulnerability in D-Link DIR-823X 240126 and 240802 allows an authorized attacker to execut...