CRITICAL🇵🇱 Wersja polska

CVE-2025-29041

CVSS 9.8v3.1pub. 2025-04-17upd. 2025-05-01

An issue in dlink DIR 823x 240802 allows a remote attacker to execute arbitrary code via the target_addr key value and the function 0x41710c

🤖 AI Analysis
How it works

An attacker can provide a crafted value for the 'target_addr' key (associated with the nslookup diagnostic function), which is then processed by the function at address 0x41710c without proper sanitization. Lack of input validation (CWE-78) leads to injection and execution of arbitrary system commands in the context of the request-handling process. The attack is possible remotely over the network without authentication.

Impact

An attacker can gain full control over the device, including reading or modifying its configuration, executing arbitrary system commands, and potentially using the router as an entry point to the local network.

Mitigation & patch

Apply patches available from the manufacturer according to the references (https://www.dlink.com/en/security-bulletin/). Until an update is released, it is recommended to restrict access to the device's administrative interface exclusively to trusted IP addresses and to disable remote management from the WAN network side.

Who is affected

D-Link DIR-823X with firmware version 240802

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Dlink Dir 823x

    HW
    Dlink
    wszystkie wersje
  • Dlink Dir 823x Firmware

    OS
    Dlink
    240802
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCECommand Injection
CWE
References

Related vulnerabilities

CVE-2025-29042CRITICAL9.8PL ✓ten sam produkt

D-Link DIR-823X: Command Injection przez parametr macaddr (RCE)

CVE-2025-29040CRITICAL9.8PL ✓ten sam produkt

Command Injection w D-Link DIR-823X — zdalne wykonanie kodu przez parametr target_addr

CVE-2025-29043CRITICAL9.8PL ✓ten sam produkt

D-Link DIR-823X – command injection umożliwiający zdalne wykonanie kodu

CVE-2024-39962CRITICAL9.8PL ✓ten sam produkt

RCE w routerze D-Link DIR-823X poprzez parametr ntp_zone_val

CVE-2025-29635HIGH7.2⚠ KEVten sam produkt

A command injection vulnerability in D-Link DIR-823X 240126 and 240802 allows an authorized attacker to execut...