An issue in dlink DIR 823x 240802 allows a remote attacker to execute arbitrary code via the target_addr key value and the function 0x41710c
An attacker can provide a crafted value for the 'target_addr' key (associated with the nslookup diagnostic function), which is then processed by the function at address 0x41710c without proper sanitization. Lack of input validation (CWE-78) leads to injection and execution of arbitrary system commands in the context of the request-handling process. The attack is possible remotely over the network without authentication.
An attacker can gain full control over the device, including reading or modifying its configuration, executing arbitrary system commands, and potentially using the router as an entry point to the local network.
Apply patches available from the manufacturer according to the references (https://www.dlink.com/en/security-bulletin/). Until an update is released, it is recommended to restrict access to the device's administrative interface exclusively to trusted IP addresses and to disable remote management from the WAN network side.
D-Link DIR-823X with firmware version 240802
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HDlink Dir 823x
HWDlinkwszystkie wersjeDlink Dir 823x Firmware
OSDlink240802
Related vulnerabilities
D-Link DIR-823X: Command Injection przez parametr macaddr (RCE)
Command Injection w D-Link DIR-823X — zdalne wykonanie kodu przez parametr target_addr
D-Link DIR-823X – command injection umożliwiający zdalne wykonanie kodu
RCE w routerze D-Link DIR-823X poprzez parametr ntp_zone_val
A command injection vulnerability in D-Link DIR-823X 240126 and 240802 allows an authorized attacker to execut...