An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the function 0x417234
The vulnerability occurs in the function at address 0x417234 in D-Link DIR-823X firmware version 240802. An attacker can pass crafted data to the function handling traceroute diagnostics (target_addr parameter), which are then interpreted as system commands without proper validation or sanitization. No authentication, user interaction, or specific network conditions are required.
An attacker can remotely execute arbitrary code with the privileges of the device process, which in practice means complete takeover of the router, ability to modify configuration, intercept network traffic, and use the device as an entry point to the local network.
Apply patches available from the manufacturer according to the references (https://www.dlink.com/en/security-bulletin/). Until updates are released, it is recommended to restrict access to the device management interface only to trusted IP addresses and disable remote access to the administrative panel from the WAN side.
D-Link DIR-823X firmware version 240802
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HDlink Dir 823x
HWDlinkwszystkie wersjeDlink Dir 823x Firmware
OSDlink240802
Related vulnerabilities
Command injection w D-Link DIR-823X umożliwiający zdalne wykonanie kodu
Command Injection w D-Link DIR-823X — zdalne wykonanie kodu przez parametr target_addr
D-Link DIR-823X: Command Injection przez parametr macaddr (RCE)
RCE w routerze D-Link DIR-823X poprzez parametr ntp_zone_val
A command injection vulnerability in D-Link DIR-823X 240126 and 240802 allows an authorized attacker to execut...