CVE-2025-10634
published 2025-09-18CVE-2025-10634: A weakness has been identified in D-Link DIR-823X 240126/240802/250416. The impacted element is the function sub_412E7C of the file /usr/sbin/goahead of the…
low2.1CVSS 4.0
AVNACLATNPRLUINVCLVILVALSCNSINSANEPCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
A weakness has been identified in D-Link DIR-823X 240126/240802/250416. The impacted element is the function sub_412E7C of the file /usr/sbin/goahead of the component Environment Variable Handler. This manipulation of the argument terminal_addr/server_ip/server_port causes command injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| d-link | dir-823x | — | — |
| d-link | dir-823x | — | — |
| d-link | dir-823x | — | — |
| dlink | dir-823x_firmware | — | — |
| dlink | dir-823x_firmware | — | — |
| dlink | dir-823x_firmware | — | — |