D-Link DIR-823X Firmware vulnerabilities

38 known vulnerabilities affecting dlink/dir-823x_firmware.

Total CVEs: 38
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 5, HIGH 14, MEDIUM 19

Vulnerabilities

Page 2 of 2
CVE-2025-11095 | MEDIUM | CVSS 5.3 | v250416 | 2025-09-28
CWE-74: A vulnerability was detected in D-Link DIR-823X 250416. This vulnerability affects unknown code of the file /goform/delete_offline_device. Performing manipulation of the argument delvalue results in command injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.
nvd
CVE-2025-11097 | MEDIUM | CVSS 5.3 | v250416 | 2025-09-28
CWE-74: A vulnerability has been found in D-Link DIR-823X 250416. Impacted is an unknown function of the file /goform/set_device_name. The manipulation of the argument mac leads to command injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.
nvd
CVE-2025-11098 | MEDIUM | CVSS 5.3 | v250416 | 2025-09-28
CWE-74: A vulnerability was found in D-Link DIR-823X 250416. The affected element is an unknown function of the file /goform/set_wifi_blacklists. The manipulation of the argument macList results in command injection. The attack may be performed from remote. The exploit has been made public and could be used.
nvd
CVE-2025-55848 | HIGH | CVSS 8.8 | v250416 | 2025-09-26
CWE-77: An issue was discovered in DIR-823 firmware 20250416. There is an RCE vulnerability in the set_cassword settings interface, as the http_casswd parameter is not filtered by '&' to allow injection of reverse connection commands.
nvd
CVE-2025-10814 | MEDIUM | CVSS 5.3 | v240126, v240802 +1 more | 2025-09-22
CWE-74: A vulnerability was determined in D-Link DIR-823X 240126/240802/250416. Affected by this vulnerability is an unknown functionality of the file /usr/sbin/goahead. This manipulation of the argument port causes command injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized.
nvd
CVE-2025-10634 | MEDIUM | CVSS 5.3 | v240126, v240802 +1 more | 2025-09-18
CWE-74: A weakness has been identified in D-Link DIR-823X 240126/240802/250416. The impacted element is the function sub_412E7C of the file /usr/sbin/goahead of the component Environment Variable Handler. This manipulation of the argument terminal_addr/server_ip/server_port causes command injection. The attack can be initiated remotely. The exploit has been m
nvd
CVE-2025-10401 | MEDIUM | CVSS 5.3 | ≤ 250416 | 2025-09-14
CWE-74: A vulnerability was detected in D-Link DIR-823x up to 250416. The affected element is an unknown function of the file /goform/diag_ping. Performing manipulation of the argument target_addr results in command injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.
nvd
CVE-2025-10123 | MEDIUM | CVSS 6.9 | ≤ 250416 | 2025-09-09
CWE-74: A vulnerability was determined in D-Link DIR-823X up to 250416. Affected by this vulnerability is the function sub_415028 of the file /goform/set_static_leases. Executing manipulation of the argument Hostname can lead to command injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized.
nvd
CVE-2025-29042 | CRITICAL | CVSS 9.8 | v240802 | 2025-04-17
CWE-78: An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the macaddr key value to the function 0x42232c
nvd
CVE-2025-29041 | CRITICAL | CVSS 9.8 | v240802 | 2025-04-17
CWE-78: An issue in dlink DIR 823x 240802 allows a remote attacker to execute arbitrary code via the target_addr key value and the function 0x41710c
nvd
CVE-2025-29040 | CRITICAL | CVSS 9.8 | v240802 | 2025-04-17
CWE-78: An issue in dlink DIR 823x 240802 allows a remote attacker to execute arbitrary code via the target_addr key value and the function 0x41737c
nvd
CVE-2025-29043 | CRITICAL | CVSS 9.8 | v240802 | 2025-04-17
CWE-78: An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the function 0x417234
nvd
CVE-2025-29039 | HIGH | CVSS 7.2 | v240802 | 2025-04-17
CWE-94: An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the function 0x41dda8
nvd
CVE-2025-29635 | HIGH | CVSS 8.8 | v240126, v240802 | 2025-03-25
CWE-77: A command injection vulnerability in D-Link DIR-823X 240126 and 240802 allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /goform/set_prohibiting via the corresponding function, triggering remote command execution.
nvd
CVE-2025-2717 | MEDIUM | CVSS 5.1 | v240126, v240802 | 2025-03-25
CWE-77: A vulnerability, which was classified as critical, has been found in D-Link DIR-823X 240126/240802. This issue affects the function sub_41710C of the file /goform/diag_nslookup of the component HTTP POST Request Handler. The manipulation of the argument target_addr leads to os command injection. The attack may be initiated remotely. The exploit has been
nvd
CVE-2025-1103 | HIGH | CVSS 7.1 | v240126, v240802 | 2025-02-07
CWE-404: A vulnerability, which was classified as problematic, was found in D-Link DIR-823X 240126/240802. This affects the function set_wifi_blacklists of the file /goform/set_wifi_blacklists of the component HTTP POST Request Handler. The manipulation of the argument macList leads to null pointer dereference. It is possible to initiate the attack remotely. The
nvd
CVE-2025-0492 | HIGH | CVSS 8.7 | v240126, v240802 | 2025-01-15
CWE-404: A vulnerability has been found in D-Link DIR-823X 240126/240802 and classified as critical. Affected by this vulnerability is the function FUN_00412244. The manipulation leads to null pointer dereference. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
nvd
CVE-2024-39962 | CRITICAL | CVSS 9.8 | v240126 | 2024-07-19
CWE-94: D-Link DIR-823X AX3000 Dual-Band Gigabit Wireless Router v21_D240126 was discovered to contain a remote code execution (RCE) vulnerability in the ntp_zone_val parameter at /goform/set_ntp. This vulnerability is exploited via a crafted HTTP request.
nvd