CVE-2025-0492

CWE-404CWE-476NULL Pointer DereferenceCWE-862Missing Authorization4 documents4 sources
Severity
8.7HIGH
EPSS
0.9%
top 24.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
D-link Dir-823xDlink Dir-823x Firmware
Timeline
PublishedJan 15
Latest updateJan 16

Description

A vulnerability has been found in D-Link DIR-823X 240126/240802 and classified as critical. Affected by this vulnerability is the function FUN_00412244. The manipulation leads to null pointer dereference. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

CVEListV5d-link/dir-823x240126, 240802+1
NVDdlink/dir-823x_firmware240126, 240802+1

🔴Vulnerability Details

2
GHSA
GHSA-2gx4-fph4-hgjx: A vulnerability has been found in D-Link DIR-823X 240126/240802 and classified as critical2025-01-16
CVEList
D-Link DIR-823X FUN_00412244 null pointer dereference2025-01-15

📋Vendor Advisories

1
Microsoft
A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw under certain circumstances allows the use of the cgroups v1 release_age2022-03-08
CVE-2025-0492 (HIGH CVSS 8.7) | A vulnerability has been found in D | cvebase.io